Nginx Null Byte Code Execution
Impact: High
Description
Allowing null byte character (ASCII 0x00) in the URL can lead to a severe security risk. If the user can manipulate file contents on the server, this vulnerability may result in arbitrary PHP code execution, enabling attackers to take control of the server and execute unauthorized commands.
Recommendation
Upgrade Nginx to a version that properly sanitizes input and disallows null byte characters in URLs.
References
- CVE-2013-2028
- CVE-2013-2028: Nginx Null Byte Code Execution Vulnerability
- CWE-158
- Nginx
- OWASP 2021-A6
👉 You might also like:
Drupal 'Drupalgeddon2' Remote Code Execution - CVE-2018-7600
HTTP Protocol Stack Remote Code Execution Vulnerability (DOS) - CVE-2021-31166
Nginx Restriction Bypass via Space Character in URI - CVE-2013-4547
BREACH attack - CVE-2013-3587
Last updated on May 13, 2024