CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-31126

Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to code execution by sending a specially crafted HTTP request to /app/options.py file. This affects Roxy-wi versions before 6.1.1.0. Users are advised to upgrade. There are no known workarounds for this issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.896

EPSS Ranking 99.5%

CVSS Severity

CVSS v3 Score 10.0

CVSS v2 Score 7.5

References

Products affected by CVE-2022-31126

Roxy-Wi » Roxy-Wi » Version: N/A

cpe:2.3:a:roxy-wi:roxy-wi:-
Roxy-Wi » Roxy-Wi » Version: 1.0

cpe:2.3:a:roxy-wi:roxy-wi:1.0
Roxy-Wi » Roxy-Wi » Version: 1.1

cpe:2.3:a:roxy-wi:roxy-wi:1.1
Roxy-Wi » Roxy-Wi » Version: 1.10

cpe:2.3:a:roxy-wi:roxy-wi:1.10
Roxy-Wi » Roxy-Wi » Version: 1.10.1

cpe:2.3:a:roxy-wi:roxy-wi:1.10.1
Roxy-Wi » Roxy-Wi » Version: 1.10.2

cpe:2.3:a:roxy-wi:roxy-wi:1.10.2
Roxy-Wi » Roxy-Wi » Version: 1.10.2.1

cpe:2.3:a:roxy-wi:roxy-wi:1.10.2.1
Roxy-Wi » Roxy-Wi » Version: 1.3

cpe:2.3:a:roxy-wi:roxy-wi:1.3
Roxy-Wi » Roxy-Wi » Version: 1.4

cpe:2.3:a:roxy-wi:roxy-wi:1.4
Roxy-Wi » Roxy-Wi » Version: 1.4.1

cpe:2.3:a:roxy-wi:roxy-wi:1.4.1
Roxy-Wi » Roxy-Wi » Version: 1.6

cpe:2.3:a:roxy-wi:roxy-wi:1.6
Roxy-Wi » Roxy-Wi » Version: 1.9.1

cpe:2.3:a:roxy-wi:roxy-wi:1.9.1
Roxy-Wi » Roxy-Wi » Version: 2.0.2

cpe:2.3:a:roxy-wi:roxy-wi:2.0.2
Roxy-Wi » Roxy-Wi » Version: 3.2.13

cpe:2.3:a:roxy-wi:roxy-wi:3.2.13
Roxy-Wi » Roxy-Wi » Version: 3.3

cpe:2.3:a:roxy-wi:roxy-wi:3.3
Roxy-Wi » Roxy-Wi » Version: 3.4.4.6

cpe:2.3:a:roxy-wi:roxy-wi:3.4.4.6
Roxy-Wi » Roxy-Wi » Version: 3.4.4.7

cpe:2.3:a:roxy-wi:roxy-wi:3.4.4.7
Roxy-Wi » Roxy-Wi » Version: 3.4.5

cpe:2.3:a:roxy-wi:roxy-wi:3.4.5
Roxy-Wi » Roxy-Wi » Version: 3.4.5.1

cpe:2.3:a:roxy-wi:roxy-wi:3.4.5.1
Roxy-Wi » Roxy-Wi » Version: 4.4.1.0

cpe:2.3:a:roxy-wi:roxy-wi:4.4.1.0
Roxy-Wi » Roxy-Wi » Version: 5.1.1.0

cpe:2.3:a:roxy-wi:roxy-wi:5.1.1.0
Roxy-Wi » Roxy-Wi » Version: 5.1.4.0

cpe:2.3:a:roxy-wi:roxy-wi:5.1.4.0
Roxy-Wi » Roxy-Wi » Version: 5.2.0

cpe:2.3:a:roxy-wi:roxy-wi:5.2.0
Roxy-Wi » Roxy-Wi » Version: 5.2.1

cpe:2.3:a:roxy-wi:roxy-wi:5.2.1
Roxy-Wi » Roxy-Wi » Version: 5.2.2.0

cpe:2.3:a:roxy-wi:roxy-wi:5.2.2.0
Roxy-Wi » Roxy-Wi » Version: 5.2.3.0

cpe:2.3:a:roxy-wi:roxy-wi:5.2.3.0
Roxy-Wi » Roxy-Wi » Version: 5.2.4.0

cpe:2.3:a:roxy-wi:roxy-wi:5.2.4.0
Roxy-Wi » Roxy-Wi » Version: 5.2.5.0

cpe:2.3:a:roxy-wi:roxy-wi:5.2.5.0
Roxy-Wi » Roxy-Wi » Version: 5.2.6.0

cpe:2.3:a:roxy-wi:roxy-wi:5.2.6.0
Roxy-Wi » Roxy-Wi » Version: 5.3.0.0

cpe:2.3:a:roxy-wi:roxy-wi:5.3.0.0
Roxy-Wi » Roxy-Wi » Version: 5.3.1.0

cpe:2.3:a:roxy-wi:roxy-wi:5.3.1.0
Roxy-Wi » Roxy-Wi » Version: 5.3.2.0

cpe:2.3:a:roxy-wi:roxy-wi:5.3.2.0
Roxy-Wi » Roxy-Wi » Version: 5.3.3.0

cpe:2.3:a:roxy-wi:roxy-wi:5.3.3.0
Roxy-Wi » Roxy-Wi » Version: 5.3.4.0

cpe:2.3:a:roxy-wi:roxy-wi:5.3.4.0
Roxy-Wi » Roxy-Wi » Version: 5.3.5.0

cpe:2.3:a:roxy-wi:roxy-wi:5.3.5.0
Roxy-Wi » Roxy-Wi » Version: 5.3.6.0

cpe:2.3:a:roxy-wi:roxy-wi:5.3.6.0
Roxy-Wi » Roxy-Wi » Version: 5.4.0.0

cpe:2.3:a:roxy-wi:roxy-wi:5.4.0.0
Roxy-Wi » Roxy-Wi » Version: 5.4.1.0

cpe:2.3:a:roxy-wi:roxy-wi:5.4.1.0
Roxy-Wi » Roxy-Wi » Version: 5.4.2.0

cpe:2.3:a:roxy-wi:roxy-wi:5.4.2.0
Roxy-Wi » Roxy-Wi » Version: 5.4.3.0

cpe:2.3:a:roxy-wi:roxy-wi:5.4.3.0
Roxy-Wi » Roxy-Wi » Version: 5.5.0.0

cpe:2.3:a:roxy-wi:roxy-wi:5.5.0.0
Roxy-Wi » Roxy-Wi » Version: 5.5.1.0

cpe:2.3:a:roxy-wi:roxy-wi:5.5.1.0
Roxy-Wi » Roxy-Wi » Version: 6.0.0.0

cpe:2.3:a:roxy-wi:roxy-wi:6.0.0.0
Roxy-Wi » Roxy-Wi » Version: 6.0.1.0

cpe:2.3:a:roxy-wi:roxy-wi:6.0.1.0
Roxy-Wi » Roxy-Wi » Version: 6.0.2.0

cpe:2.3:a:roxy-wi:roxy-wi:6.0.2.0
Roxy-Wi » Roxy-Wi » Version: 6.0.3.0

cpe:2.3:a:roxy-wi:roxy-wi:6.0.3.0
Roxy-Wi » Roxy-Wi » Version: 6.1.0.0

cpe:2.3:a:roxy-wi:roxy-wi:6.1.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-31126

Products

Pricing

Contact Us