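(Shared by Hua Xia Bank) The vulnerability arises when a rewrite directive uses a PCRE regular expression containing overlapping capture groups and the replacement string references multiple overlapping capture groups in a redirect or argument context: the module does not correctly calculate the output buffer size, which leads to an out-of-bounds memory copy. An unauthenticated attacker can trigger the vulnerability by sending a crafted HTTP request, crashing the worker process; where ASLR is disabled or has been bypassed, the attacker may go on to achieve arbitrary code execution.

0.1.17 <= NGINX Open Source <= 0.9.7
1.0.0 <= NGINX Open Source <= 1.30.1
NGINX Open Source 1.31.0
NGINX Plus 37.0.0
R32 <= NGINX Plus < R32 P7
R36 <= NGINX Plus < R36 P5

Other affected components:
2.17.0 <= NGINX Instance Manager <= 2.22.0
5.9.0 <= F5 WAF for NGINX <= 5.13.0
4.10.0 <= NGINX App Protect WAF <= 4.16.0
5.2.0 <= NGINX App Protect WAF <= 5.8.0
F5 DoS for NGINX 4.9.0
4.3.0 <= NGINX App Protect DoS <= 4.7.0
1.3.0 <= NGINX Gateway Fabric <= 1.6.2
2.0.0 <= NGINX Gateway Fabric <= 2.6.1
3.5.0 <= NGINX Ingress Controller <= 3.7.2
4.0.0 <= NGINX Ingress Controller <= 4.0.1
5.0.0 <= NGINX Ingress Controller <=5da

Not applicable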
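To find configurations that meet the rewrite condition described in the advisory, the following added example (not from the advisory or from F5/NGINX) scans a config for rewrite directives worth reviewing. It assumes "overlapping" means nested capture groups, treats a `redirect`/`permanent` flag, an absolute-URL replacement or a `?` in the replacement as the redirect or argument context, and handles only unquoted directive arguments; the sample config is constructed.

```python
import re

# rewrite <regex> <replacement> [flag];  (unquoted arguments only, a simplification)
REWRITE = re.compile(r'^\s*rewrite\s+(\S+)\s+(\S+?)(?:\s+(\w+))?\s*;', re.M)

def capture_spans(pattern):
    """Return [open, close] offsets of each capturing group, in group-number order."""
    spans, stack, i, in_class = [], [], 0, False
    while i < len(pattern):
        c = pattern[i]
        if c == '\\':                      # skip escaped character
            i += 2
            continue
        if in_class:
            in_class = c != ']'
        elif c == '[':
            in_class = True
        elif c == '(':
            tail = pattern[i + 1:i + 5]
            # (?:..) and lookarounds do not capture; (?<name>..) / (?P<name>..) do
            if not tail.startswith('?') or re.match(r'\?P?<[^=!]', tail):
                spans.append([i, None])
                stack.append(len(spans) - 1)
            else:
                stack.append(None)
        elif c == ')' and stack:
            idx = stack.pop()
            if idx is not None:
                spans[idx][1] = i
        i += 1
    return spans

def audit(conf_text):
    """Return (line, regex, nested group pairs both referenced) for directives to review."""
    findings = []
    for m in REWRITE.finditer(conf_text):
        regex, repl, flag = m.group(1), m.group(2), m.group(3)
        spans = capture_spans(regex)
        refs = {int(n) for n in re.findall(r'\$([1-9])', repl)}
        nested = {(a + 1, b + 1) for a, (ao, ac) in enumerate(spans)
                  for b, (bo, bc) in enumerate(spans)
                  if ac is not None and bc is not None and ao < bo and bc < ac}
        hit = sorted(p for p in nested if p[0] in refs and p[1] in refs)
        ctx = (flag in ('redirect', 'permanent') or '?' in repl
               or repl.startswith(('http://', 'https://', '$scheme')))
        if hit and ctx:
            findings.append((conf_text.count('\n', 0, m.start(1)) + 1, regex, hit))
    return findings

SAMPLE = r"""server {
    rewrite ^/u/((\w+)/(\d+))$ /profile?path=$1&name=$2 last;
    rewrite ^/old/(.*)$ /new/$1 permanent;
    rewrite ^/a/((?:x|y)+)/(z)$ https://example.test/$1/$2 redirect;
    rewrite ^/b/((\d+)-\d+)$ /b/$2 last;
}"""
print(audit(SAMPLE))
```

A finding marks a directive for review and patch prioritisation; it does not confirm that the installed build is affected.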