Advisory | Roxy-WI Unauthenticated Remote Code Executions CVE-2022-31137

Roxy-WI was created for people who want a fault-tolerant infrastructure but do not want to dive deep into the details of setting up and creating a cluster based on HAProxy / NGINX and Keepalived, or just need a convenient interface for managing all services in one place.

Advisory Information

Remotely Exploitable: Yes
Authentication Required: No
Vendor URL:
CVSSv3.1 Score: 10.0 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L)
Date of found: 10.06.2022

Read More