CVE-2026-42223
Last modified
CVE-2026-42223 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, the GetSettings API handler (api/settings/settings.go:24-65) serializes all settings structs to JSON and returns them to authenticated users. EPSS estimates a 0.29% chance of exploitation in the next 30 days.
Description
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, the GetSettings API handler (api/settings/settings.go:24-65) serializes all settings structs to JSON and returns them to authenticated users. Many sensitive fields are tagged with protected:"true" - however, this tag is only enforced during writes (via ProtectedFill in SaveSettings) and is completely ignored during reads. This exposes 40+ protected fields including JwtSecret (enabling auth token forgery), NodeSecret (enabling cluster node impersonation), OIDC ClientSecret (enabling OAuth account takeover), and the IP whitelist configuration. This issue has been patched in version 2.3.8.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Nginxui | Nginx Ui | < 2.3.8 |
References
- https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-q4w7-56hr-83rmExploit, Vendor Advisory
- https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-q4w7-56hr-83rmExploit, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-42223?
How severe is CVE-2026-42223?
How do I fix CVE-2026-42223?
Are you affected by CVE-2026-42223?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST