A Command injection vulnerability in...
Unreviewed
Published
Sep 27, 2024
to the GitHub Advisory Database
•
Updated Sep 27, 2024
Description
Published by the National Vulnerability Database
Sep 27, 2024
Published to the GitHub Advisory Database
Sep 27, 2024
Last updated
Sep 27, 2024
A Command injection vulnerability in requestLetsEncryptSslWithDnsChallenge in NginxProxyManager 2.11.3 allows an attacker to achieve remote code execution via Add Let's Encrypt Certificate. NOTE: this is not part of any NGINX software shipped by F5.
References