CVE-2024-46257

Published
View on NVD ↗
CVSS v3
6.3
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS

Description

A Command injection vulnerability in requestLetsEncryptSslWithDnsChallenge in NginxProxyManager 2.11.3 allows an attacker to achieve remote code execution via Add Let's Encrypt Certificate. NOTE: this is not part of any NGINX software shipped by F5.

NginxProxyManager/nginx-proxy-manager
NginxProxyManager/nginx-proxy-manager
Docker container for managing Nginx proxy hosts with a simple, powerful interface
GitHubGitHub
33.4K
barttran2k/POC_CVE-2024-46256
barttran2k/POC_CVE-2024-46256
POC_CVE-2024-46256
GitHubGitHub
6