CVE-2026-33029

Medium CVSS: 6.9

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, an input validation vulnerability in the logrotate configuration allows an authenticated user to cause a complete Denial of Service (DoS). By submitting a negative integer for the rotation interval, the backend enters an infinite loop or an invalid state, rendering the web interface unresponsive. This issue has been patched in version 2.3.4.

Vendor

Nginxui

Product

Nginx Ui

CWE

CWE-20

Yayın Tarihi

2026-03-30 18:16:19

Güncelleme

2026-04-02 17:10:01

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-20 Nginx Ui MEDIUM Nginxui 2026

Referanslar

https://github.com/0xJacky/nginx-ui/releases/tag/v2.3.4 https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-cp8r-8jvw-v3qg

Benzer Kayıtlar

Critical

CVE-2026-33026

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui backup restore mechanism…

High

CVE-2026-33030

Nginx UI is a web user interface for the Nginx web server. In versions 2.3.3 and prior, Nginx-UI contains an Insecure Di…

Critical

CVE-2026-33032

Nginx UI is a web user interface for the Nginx web server. In versions 2.3.5 and prior, the nginx-ui MCP (Model Context…

Medium

CVE-2026-33027

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui configuration improperly…

High

CVE-2026-33028

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui application is vulnerabl…

Critical

CVE-2026-27944

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessibl…