Roxy-Wi 漏洞列表

Roxy-Wi options.py 存在远程命令执行漏洞，攻击者通过漏洞可以执行命令获取服务器权限 app="HAProxy-WI"

Roxy-WI before 6.1.1.0 is susceptible to remote code execution. System commands can be run remotely via the ssh_command function without processing the inputs received from the user in the /app/funct.py file.

Roxy-WI before 6.1.1.0 is susceptible to remote code execution. System commands can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file.

Roxy-WI before 6.1.1.0 is susceptible to remote code execution. System commands can be run remotely via the delcert parameter without proper input validation in the /app/options.py file, allowing attackers to inject arbitrary OS commands.

Roxy-WI 是一个用于管理 Haproxy、Nginx、Apache 和 Keepalived 服务器的 Web 界面。Roxy-WI 6.1.1.0 之前的版本存在远程代码执行漏洞。攻击者可以通过/app/options.py远程执行任意命令。

Roxy-wi before 6.1.1.0 存在远程代码执行漏洞。此漏洞是ssh_command 函数校验不正确导致的。

Roxy-WI是开源的一款用于管理Haproxy、Nginx 和Keepalived 服务器的Web 界面。Roxy-Wi options.py存在远程命令执行漏洞，攻击者通过漏洞可以执行命令获取服务器权限