Back to search
CVE-2026-33029
Published: Mar 30, 2026
Modified: Apr 1, 2026
PUBLISHED
Description
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, an input validation vulnerability in the logrotate configuration allows an authenticated user to cause a complete Denial of Service (DoS). By submitting a negative integer for the rotation interval, the backend enters an infinite loop or an invalid state, rendering the web interface unresponsive. This issue has been patched in version 2.3.4.
| Vendor | Product | Versions |
|---|---|---|
0xJacky | nginx-ui | affected < 2.3.4 |
Weaknesses (CWE)
References
https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-cp8r-8jvw-v3qg
x_refsource_CONFIRM
https://github.com/0xJacky/nginx-ui/releases/tag/v2.3.4
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now