DoS and malicious code attacks on NGINX web servers are possible

In current versions of NGINX Open Source and NGINX Plus, developers have closed a security vulnerability.

Attackers can target web servers based on NGINX Open Source and NGINX Plus. The starting point is a now-closed software vulnerability. In the worst case, malicious code can compromise systems.

In an advisory, the developers state that they have closed the security vulnerability (CVE-2026-9256, rated "high") in NGINX Open Source 1.30.2 and 1.31.1 and NGINX Plus 37.0.11, R32 P7, and R36 P5. So far, F5 has not reported that attackers are already exploiting the vulnerability.

The starting point is once again the ngx_http_rewrite_module. Because of the vulnerability, processing errors occur in this module that lead to a memory error. Attackers can exploit this with crafted HTTP requests to trigger DoS conditions. However, it can also lead to the execution of malicious code.

The module was already vulnerable just a week ago.

Attackers have already used it to attack PCs.

(des)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.