CVE-2022-31137
Unauthenticated Remote Code Execution in Roxy-WI
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 6.1.1.0 are subject to a remote code execution vulnerability. System commands can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Attackers need not be authenticated to exploit this vulnerability. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
hap-wi · roxy-wipublic PoCs found — 4
cve_referencepacketstormsecurity.com/files/167805/Roxy-WI-Remote-Command-Execution.htmlunverifiedcve_referencepacketstormsecurity.com/files/171648/Roxy-WI-6.1.0.0-Improper-Authentication-Control.htmlunverifiedcve_referencepacketstormsecurity.com/files/171652/Roxy-WI-6.1.1.0-Remote-Code-Execution.htmlunverifiedcve_referencepacketstormsecurity.com/files/172547/Roxy-WI-6.1.0.0-Remote-Command-Execution.htmlunverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/167805/Roxy-WI-Remote-Command-Execution.htmlhttp://packetstormsecurity.com/files/171648/Roxy-WI-6.1.0.0-Improper-Authentication-Control.htmlhttp://packetstormsecurity.com/files/171652/Roxy-WI-6.1.1.0-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/172547/Roxy-WI-6.1.0.0-Remote-Command-Execution.htmlhttps://github.com/hap-wi/roxy-wi/commit/82666df1e60c45dd6aa533b01a392f015d32f755https://github.com/hap-wi/roxy-wi/security/advisories/GHSA-53r2-mq99-f532