CERT-Bund issued a critical security advisory for Open Source nginx-ui, identifying multiple vulnerabilities in versions prior to 2.3.8. The vulnerabilities carry a CVSS Base Score of 9.6 (Critical) and a Temporal Score of 8.6 (High). Remote exploitation is confirmed.

Organisations running nginx-ui should update to version 2.3.8 or later as a mitigation measure. The vulnerabilities allow attackers to achieve remote code execution with root privileges, administrator access, complete system compromise, and disclosure of sensitive information.

CERT-Bund issued a critical security advisory for Open Source nginx-ui, identifying multiple vulnerabilities in versions prior to 2.3.8. The vulnerabilities carry a CVSS Base Score of 9.6 (Critical) and a Temporal Score of 8.6 (High). Remote exploitation is confirmed.

Organisations running nginx-ui should update to version 2.3.8 or later as a mitigation measure. The vulnerabilities allow attackers to achieve remote code execution with root privileges, administrator access, complete system compromise, and disclosure of sensitive information.