CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-31125

Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to bypass authentication and access admin functionality by sending a specially crafted HTTP request. This affects Roxywi versions before 6.1.1.0. Users are advised to upgrade. There are no known workarounds for this issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.129

EPSS Ranking 93.7%

CVSS Severity

CVSS v3 Score 10.0

CVSS v2 Score 7.5

References

Products affected by CVE-2022-31125

Roxy-Wi » Roxy-Wi » Version: N/A

cpe:2.3:a:roxy-wi:roxy-wi:-
Roxy-Wi » Roxy-Wi » Version: 1.0

cpe:2.3:a:roxy-wi:roxy-wi:1.0
Roxy-Wi » Roxy-Wi » Version: 1.1

cpe:2.3:a:roxy-wi:roxy-wi:1.1
Roxy-Wi » Roxy-Wi » Version: 1.10

cpe:2.3:a:roxy-wi:roxy-wi:1.10
Roxy-Wi » Roxy-Wi » Version: 1.10.1

cpe:2.3:a:roxy-wi:roxy-wi:1.10.1
Roxy-Wi » Roxy-Wi » Version: 1.10.2

cpe:2.3:a:roxy-wi:roxy-wi:1.10.2
Roxy-Wi » Roxy-Wi » Version: 1.10.2.1

cpe:2.3:a:roxy-wi:roxy-wi:1.10.2.1
Roxy-Wi » Roxy-Wi » Version: 1.3

cpe:2.3:a:roxy-wi:roxy-wi:1.3
Roxy-Wi » Roxy-Wi » Version: 1.4

cpe:2.3:a:roxy-wi:roxy-wi:1.4
Roxy-Wi » Roxy-Wi » Version: 1.4.1

cpe:2.3:a:roxy-wi:roxy-wi:1.4.1
Roxy-Wi » Roxy-Wi » Version: 1.6

cpe:2.3:a:roxy-wi:roxy-wi:1.6
Roxy-Wi » Roxy-Wi » Version: 1.9.1

cpe:2.3:a:roxy-wi:roxy-wi:1.9.1
Roxy-Wi » Roxy-Wi » Version: 2.0.2

cpe:2.3:a:roxy-wi:roxy-wi:2.0.2
Roxy-Wi » Roxy-Wi » Version: 3.2.13

cpe:2.3:a:roxy-wi:roxy-wi:3.2.13
Roxy-Wi » Roxy-Wi » Version: 3.3

cpe:2.3:a:roxy-wi:roxy-wi:3.3
Roxy-Wi » Roxy-Wi » Version: 3.4.4.6

cpe:2.3:a:roxy-wi:roxy-wi:3.4.4.6
Roxy-Wi » Roxy-Wi » Version: 3.4.4.7

cpe:2.3:a:roxy-wi:roxy-wi:3.4.4.7
Roxy-Wi » Roxy-Wi » Version: 3.4.5

cpe:2.3:a:roxy-wi:roxy-wi:3.4.5
Roxy-Wi » Roxy-Wi » Version: 3.4.5.1

cpe:2.3:a:roxy-wi:roxy-wi:3.4.5.1
Roxy-Wi » Roxy-Wi » Version: 4.4.1.0

cpe:2.3:a:roxy-wi:roxy-wi:4.4.1.0
Roxy-Wi » Roxy-Wi » Version: 5.1.1.0

cpe:2.3:a:roxy-wi:roxy-wi:5.1.1.0
Roxy-Wi » Roxy-Wi » Version: 5.1.4.0

cpe:2.3:a:roxy-wi:roxy-wi:5.1.4.0
Roxy-Wi » Roxy-Wi » Version: 5.2.0

cpe:2.3:a:roxy-wi:roxy-wi:5.2.0
Roxy-Wi » Roxy-Wi » Version: 5.2.1

cpe:2.3:a:roxy-wi:roxy-wi:5.2.1
Roxy-Wi » Roxy-Wi » Version: 5.2.2.0

cpe:2.3:a:roxy-wi:roxy-wi:5.2.2.0
Roxy-Wi » Roxy-Wi » Version: 5.2.3.0

cpe:2.3:a:roxy-wi:roxy-wi:5.2.3.0
Roxy-Wi » Roxy-Wi » Version: 5.2.4.0

cpe:2.3:a:roxy-wi:roxy-wi:5.2.4.0
Roxy-Wi » Roxy-Wi » Version: 5.2.5.0

cpe:2.3:a:roxy-wi:roxy-wi:5.2.5.0
Roxy-Wi » Roxy-Wi » Version: 5.2.6.0

cpe:2.3:a:roxy-wi:roxy-wi:5.2.6.0
Roxy-Wi » Roxy-Wi » Version: 5.3.0.0

cpe:2.3:a:roxy-wi:roxy-wi:5.3.0.0
Roxy-Wi » Roxy-Wi » Version: 5.3.1.0

cpe:2.3:a:roxy-wi:roxy-wi:5.3.1.0
Roxy-Wi » Roxy-Wi » Version: 5.3.2.0

cpe:2.3:a:roxy-wi:roxy-wi:5.3.2.0
Roxy-Wi » Roxy-Wi » Version: 5.3.3.0

cpe:2.3:a:roxy-wi:roxy-wi:5.3.3.0
Roxy-Wi » Roxy-Wi » Version: 5.3.4.0

cpe:2.3:a:roxy-wi:roxy-wi:5.3.4.0
Roxy-Wi » Roxy-Wi » Version: 5.3.5.0

cpe:2.3:a:roxy-wi:roxy-wi:5.3.5.0
Roxy-Wi » Roxy-Wi » Version: 5.3.6.0

cpe:2.3:a:roxy-wi:roxy-wi:5.3.6.0
Roxy-Wi » Roxy-Wi » Version: 5.4.0.0

cpe:2.3:a:roxy-wi:roxy-wi:5.4.0.0
Roxy-Wi » Roxy-Wi » Version: 5.4.1.0

cpe:2.3:a:roxy-wi:roxy-wi:5.4.1.0
Roxy-Wi » Roxy-Wi » Version: 5.4.2.0

cpe:2.3:a:roxy-wi:roxy-wi:5.4.2.0
Roxy-Wi » Roxy-Wi » Version: 5.4.3.0

cpe:2.3:a:roxy-wi:roxy-wi:5.4.3.0
Roxy-Wi » Roxy-Wi » Version: 5.5.0.0

cpe:2.3:a:roxy-wi:roxy-wi:5.5.0.0
Roxy-Wi » Roxy-Wi » Version: 5.5.1.0

cpe:2.3:a:roxy-wi:roxy-wi:5.5.1.0
Roxy-Wi » Roxy-Wi » Version: 6.0.0.0

cpe:2.3:a:roxy-wi:roxy-wi:6.0.0.0
Roxy-Wi » Roxy-Wi » Version: 6.0.1.0

cpe:2.3:a:roxy-wi:roxy-wi:6.0.1.0
Roxy-Wi » Roxy-Wi » Version: 6.0.2.0

cpe:2.3:a:roxy-wi:roxy-wi:6.0.2.0
Roxy-Wi » Roxy-Wi » Version: 6.0.3.0

cpe:2.3:a:roxy-wi:roxy-wi:6.0.3.0
Roxy-Wi » Roxy-Wi » Version: 6.1.0.0

cpe:2.3:a:roxy-wi:roxy-wi:6.1.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-31125

Products

Pricing

Contact Us