B3NCLOUD ARTICLE INTELLIGENCE

ARTICLEVIEW

Zurück zu News
nvd.nist.gov
RISK: Mittel (4.0)

[High] CVE-2026-45564 – Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived se...

High CVE-2026-45564 Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /config/versions////save interpolates the URL-path configver parameter directly into a config-version path that ends up at os.system(f"dos2unix -q {cfg}")....

#Sicherheitslücke
Original-Artikel öffnen Zurück zur Übersicht

VERWANDTEARTIKEL

CVE-2026-49759 - Stack buffer overflow in SCTP error cause parsing in inet_drv allows remote VM crash

2026-06-10 Mittel

CVE-2026-46558 - Plane: Cross-workspace asset authorization bypass lets any authenticated user read, copy, delete, and overwrite assets in other Plane workspaces

2026-06-10 Mittel

CVE-2026-45569 - Roxy-WI: Path-traversal patch in commit d4d10006 is a no-op (tuple-membership bug)

2026-06-10 Mittel

CVE-2026-45565 - Roxy-WI: EscapedString validator skips its '..' block when stripping (root cause for several path-traversal/RCE vectors)

2026-06-10 Mittel

CVE-2026-45567 - Roxy-WI: Authentication bypass via 'api' substring in URL + unauthenticated /api/gpt

2026-06-10 Mittel

CVE-2026-45656

2026-06-10 Mittel