CVE-2024-46256

CRITICAL LAB

NginxProxyManager 2.11.3 - Remote Code Execution via Let's Encrypt Certificate Request

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2024-46256. PoCs published by barttran2k, kimtangker, TranDongA3.

AI-analyzed exploit summary: This repository contains a functional exploit for CVE-2024-46256, demonstrating remote code execution (RCE) via command injection in the domain_names parameter of an API endpoint. The exploit authenticates, sends crafted payloads, and can establish a reverse shell.

Description

A command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an attacker to achieve RCE via Add Let's Encrypt Certificate.

Exploits (3)

nomisec WORKING POC 6 stars
by barttran2k · poc
https://github.com/barttran2k/POC_CVE-2024-46256

This repository contains a functional exploit for CVE-2024-46256, demonstrating remote code execution (RCE) via command injection in the domain_names parameter of an API endpoint. The exploit authenticates, sends crafted payloads, and can establish a reverse shell.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Unknown (likely a web application with nginx certificate management API)
Auth required
Prerequisites: Valid credentials for authentication · Network access to the target API endpoint
devstral-2 · analyzed Feb 19, 2026

nomisec WORKING POC
by kimtangker · poc
https://github.com/kimtangker/CVE-2024-46256

This repository contains a functional exploit for CVE-2024-46256, an RCE vulnerability in Nginx Proxy Manager 2.11.3. The exploit leverages template injection in the domain name field during certificate issuance to achieve remote code execution.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Nginx Proxy Manager 2.11.3
Auth required
Prerequisites: Authenticated access to Nginx Proxy Manager · Certificate issuance permissions
devstral-2 · analyzed Feb 19, 2026

nomisec WRITEUP
by TranDongA3 · poc
https://github.com/TranDongA3/Simulation_CVE-2024-46256

This repository provides a detailed technical analysis of CVE-2024-46256 and CVE-2024-46257, focusing on OS Command Injection in Nginx Proxy Manager v2.11.3. It includes a step-by-step PoC with payloads, screenshots, and root cause analysis, demonstrating authenticated RCE with root privileges.

Classification: Writeup 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Nginx Proxy Manager v2.11.3
Auth required
Prerequisites: Authenticated access to Nginx Proxy Manager · Vulnerable version (v2.11.3 or earlier)
devstral-2 · analyzed Feb 19, 2026

Scores

CVSS v3: 9.8
EPSS: 0.0300
EPSS Percentile: 85.6%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: total

Details

CWE: CWE-77
Status: published
Products (1): jc21/nginx_proxy_manager 2.11.3
Published: Sep 27, 2024
Tracked Since: Feb 18, 2026