Back to KEVs

CVE-2022-31161

Roxy-WI Vulnerable to Unauthenticated Remote Code Execution via ssl_cert Upload

Basic Information

CVE State
PUBLISHED
Reserved Date
May 18, 2022
Published Date
July 15, 2022
Last Updated
April 23, 2025
Vendor
hap-wi
Product
roxy-wi
Description
Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for this issue.
Tags
nuclei_scanner

CVSS Scores

CVSS v3.1

10.0 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

SSVC Information

Exploitation
none
Automatable
Yes
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2025-09-18 00:00:00 UTC) Source

References

https://github.com/hap-wi/roxy-wi/security/advisories/GHSA-pg3w-8p63-x483 https://github.com/hap-wi/roxy-wi/releases/tag/v6.1.1.0 http://packetstormsecurity.com/files/171652/Roxy-WI-6.1.1.0-Remote-Code-Execution.html

Known Exploited Vulnerability Information

Source Added Date
The Shadowserver (via CIRCL) 2025-09-18 00:00:00 UTC

Scanner Integrations

Scanner URL Date Detected
Nuclei https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-31161.yaml 2025-06-02 14:11:03 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Detected by Nuclei

  • Added to KEVIntel