CVE-2024-46257

MEDIUM

NginxProxyManager 2.11.3 - Remote Code Execution via Let's Encrypt Certificate Request

Title source: llm

Description

A Command injection vulnerability in requestLetsEncryptSslWithDnsChallenge in NginxProxyManager 2.11.3 allows an attacker to achieve remote code execution via Add Let's Encrypt Certificate. NOTE: this is not part of any NGINX software shipped by F5.

References (4)

Core 4

Core References

Product

https://github.com/NginxProxyManager/nginx-proxy-manager/blob/v2.11.3/backend/internal/certificate.js#L870

View Writeup ZIP pw:eip

Product

https://github.com/NginxProxyManager/nginx-proxy-manager/commit/99cce7e2b0da2978411cedd7cac5fffbe15bc466

Patch

https://github.com/NginxProxyManager/nginx-proxy-manager/pull/4073/commits/c39d5433bcd13993def222bbb2b6988bbb810a05

Exploit

https://github.com/barttran2k/POC_CVE-2024-46256

View Exploit ZIP pw:eip

Scores

CVSS v3 6.3

EPSS 0.0128

EPSS Percentile 66.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-89

Status published

Products (1)

jc21/nginx_proxy_manager 2.11.3

Published Sep 27, 2024

Tracked Since Feb 18, 2026