CVE-2024-46256

CRITICAL LAB

Jc21 Nginx Proxy Manager - Command Injection

Title source: rule

Description

A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an attacker to RCE via Add Let's Encrypt Certificate.

Exploits (3)

nomisec WORKING POC 6 stars

by barttran2k · poc

https://github.com/barttran2k/POC_CVE-2024-46256

View Code ZIP pw:eip

nomisec WORKING POC

by kimtangker · poc

https://github.com/kimtangker/CVE-2024-46256

View Code ZIP pw:eip

nomisec WRITEUP

by TranDongA3 · poc

https://github.com/TranDongA3/Simulation_CVE-2024-46256

View Code ZIP pw:eip

References (4)

[Product] https://github.com/NginxProxyManager/nginx-proxy-manager/blob/v2.11.3/backend/internal/certificate.js#L830

[Product] https://github.com/NginxProxyManager/nginx-proxy-manager/commit/99cce7e2b0da2978411cedd7cac5fffbe15bc466

[Patch] https://github.com/NginxProxyManager/nginx-proxy-manager/pull/4073/commits/c39d5433bcd13993def222bbb2b6988bbb810a05

[Exploit] https://github.com/barttran2k/POC_CVE-2024-46256

Scores

CVSS v3 9.8

EPSS 0.6015

EPSS Percentile 98.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Lab Environment

COMMUNITY

Community Lab

docker pull jc21/nginx-proxy-manager:2.11.3

https://github.com/barttran2k/POC_CVE-2024-46256

https://github.com/kimtangker/CVE-2024-46256

https://github.com/TranDongA3/Simulation_CVE-2024-46256

View in Library

Details

CWE

CWE-77

Status published

Products (1)

jc21/nginx_proxy_manager 2.11.3

Published Sep 27, 2024

Tracked Since Feb 18, 2026