Skip to content
The Nexus
SECURITYMay 14 · 06:00 UTCTHE HACKER NEWS[email protected] (The Hacker News)

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

Cybersecurity researchers discovered multiple security vulnerabilities in NGINX Plus and NGINX Open, including a critical 18-year-old flaw that allows unauthenticated remote code execution. The vulnerability is a heap buffer overflow issue impacting ngx_http_rewrite_module with a CVSS v4 score of 9.2. This flaw could enable attackers to achieve remote code execution or cause crashes.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this