Nginx Restriction Bypass via Space Character in URI

Impact: High


A bug in Nginx allows an attacker to bypass security restrictions in certain configurations by using a specially crafted request. Some checks on a request URI are not executed on a character following an unescaped space character.


Upgrade Nginx.

As a temporary workaround, the following configuration can be used in each server{} block.

if ($request_uri ~ " ") {
    return 444;
}
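
The workaround's condition (an unescaped space in the raw request URI) can also be applied to existing access logs to see whether such requests have reached the server. The Python code below is an added example, not part of the original advisory; it assumes the default "combined" access log format, and the sample log lines and function name are constructed for illustration.

```python
import re

# Combined log format: ip - user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" (\d{3}) ')
# Request line: METHOD, raw URI (which may itself contain spaces), HTTP version
REQ_RE = re.compile(r'^([A-Z]+) (.*) (HTTP/\d(?:\.\d)?)$')

# Constructed sample lines (documentation IP ranges, not real traffic)
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Oct/2021:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 612 "-" "curl/7.79.1"',
    '192.0.2.11 - - [10/Oct/2021:10:00:02 +0000] "GET /docs/my%20file.txt HTTP/1.1" 200 1024 "-" "curl/7.79.1"',
    '198.51.100.7 - - [10/Oct/2021:10:00:03 +0000] "GET /docs/my file.txt HTTP/1.1" 444 0 "-" "-"',
    '198.51.100.7 - - [10/Oct/2021:10:00:04 +0000] "GET /docs/a b HTTP/1.1" 200 87 "-" "-"',
]


def raw_space_requests(lines):
    """Return (client_ip, uri, status) for requests whose raw URI holds an
    unescaped space, i.e. the requests the workaround's `if` would match."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        ip, request, status = m.groups()
        r = REQ_RE.match(request)
        if not r:
            continue  # malformed request line, out of scope here
        uri = r.group(2)
        # %20 is an escaped space and is not flagged; only a literal space is
        if " " in uri:
            hits.append((ip, uri, int(status)))
    return hits


if __name__ == "__main__":
    for ip, uri, status in raw_space_requests(SAMPLE_LOG):
        # 444 means the workaround closed the connection; any other status
        # means the request was processed and deserves a closer look
        verdict = "blocked by workaround" if status == 444 else "processed"
        print(f"{ip} {uri!r} -> {status} ({verdict})")
```

Hits logged with a status other than 444 were processed by the server rather than dropped, so they are the ones to review first.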


Last updated on October 10, 2021
