Tag: NGINX

  • Nginx UI Auth Bypass Flaw Actively Exploited in the Wild

    Nginx UI Auth Bypass Flaw Actively Exploited in the Wild

    A critical Nginx UI auth bypass flaw is now actively exploited, allowing attackers to access sensitive server data without authentication. The issue exposes backup files and increases the risk of full system compromise. Unauthenticated endpoint exposes backups The vulnerability affects a backup-related API endpoint that lacks proper access control. Attackers can remotely request and download…

  • NGINX upstream injection: High-severity bug lets attackers tamper with proxied responses

    NGINX upstream injection: High-severity bug lets attackers tamper with proxied responses

    NGINX upstream injection has put a spotlight on a high-severity flaw in a core internet component. Many teams use NGINX as a reverse proxy and load balancer. That role makes response integrity critical for every visitor and app client. This issue does not hand attackers instant access in every environment. Attackers need a strong network…