Description

NGINX Plus is a software load balancer, web server, and content cache built on top of open source NGINX. NGINX Plus has exclusive enterprise grade features beyond what's available in the open source offering, including session persistence, configuration via API, and active health checks.

NGINX+ contains a ngx_http_api_module module. The ngx_http_api_module module (1.13.3) provides REST API for accessing various status information, configuring upstream server groups on-the-fly, and managing key-value pairs without the need of reconfiguring nginx.

Acunetix determined that it was possible to access this REST interface without authentication. The write parameter from the NGINX+ configuration determines whether the API is read-only or read-write. The API is currently configured as read-write.

It's recommended to restrict access to the NGINX+ API interface.

Remediation

Restrict access to the NGINX+ API interface.

References

Module ngx_http_api_module

Related Vulnerabilities

Insecure transition from HTTPS to HTTP in form post

WordPress Plugin History Collection Arbitrary File Download (1.1.1)

WordPress Plugin Simple Gmail Login Stack Trace Information Disclosure (1.1.3)

Whoops error handler component detected

Apache Tomcat version older than 4.1.37

Severity

High

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

Tags

Information Disclosure