Exploit for Missing Authentication for Critical Function in Nginxui Nginx_Ui

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

CVE-2026-27944 + CVE-2026-33032 — nginx-ui Zero-Credential RCE Lab Disclaimer: This repository is intended for educational and authorised security research purposes only. All techniques demonstrated here should only be used against systems you own or...

Visit Original Source

Basic Information

ID B098EB78-C7D7-5BEA-86E2-ABC4FE65CA5D

Published Apr 17, 2026 at 10:41

Modified Apr 17, 2026 at 10:45

{
    "lastseen": "2026-04-17T10:59:16",
    "description": "CVE-2026-27944 + CVE-2026-33032 \u2014 nginx-ui Zero-Credential RCE Lab Disclaimer: This repository is intended for educational and authorised security research purposes only. All techniques demonstrated here should only be used against systems you own or...",
    "published": "2026-04-17T10:41:04",
    "modified": "2026-04-17T10:45:13",
    "type": "githubexploit",
    "title": "Exploit for Missing Authentication for Critical Function in Nginxui Nginx_Ui",
    "source": "",
    "references": "",
    "id": "B098EB78-C7D7-5BEA-86E2-ABC4FE65CA5D",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [
        "CVE-2026-27944",
        "CVE-2026-33032"
    ],
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://github.com/Shreda/CVE-2026-33032-nginx-ui-vuln-lab",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Exploit for Missing Authentication for Critical Function in Nginxui Nginx_Ui_B098EB78-C7D7-5BEA-86E2-ABC4FE65CA5D

Description

Basic Information

💭 Join the Security Discussion ❌ Cancel Reply