Skip to main content

Roxy Wi

13 CVEs product

Monthly

CVE-2026-22265 HIGH POC PATCH This Week

Authenticated command injection in Roxy-WI versions prior to 8.2.8.2 enables attackers to execute arbitrary system commands through improper sanitization of the grep parameter in log viewing functionality. Public exploit code exists for this vulnerability, affecting users managing HAProxy, Nginx, Apache, and Keepalived servers through the web interface. A patch is available in version 8.2.8.2 and later.

Apache Nginx Command Injection Roxy Wi
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-43804 HIGH POC This Week

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Apache Command Injection Nginx Roxy Wi
NVD GitHub
CVSS 3.1
8.8
EPSS
2.6%
CVE-2023-29004 MEDIUM POC This Month

hap-wi/roxy-wi is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Apache Path Traversal Nginx Roxy Wi
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-25804 MEDIUM POC This Month

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apache Path Traversal Nginx Roxy Wi
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2023-25803 HIGH POC This Week

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apache Path Traversal Nginx Roxy Wi
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-25802 HIGH POC PATCH This Week

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Apache Path Traversal Nginx Roxy Wi
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-31161 CRITICAL POC THREAT Act Now

Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Nginx Roxy Wi
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
26.8%
CVE-2022-31137 CRITICAL POC PATCH THREAT Act Now

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Apache Command Injection Nginx Roxy Wi
NVD GitHub
CVSS 3.1
9.8
EPSS
90.4%
CVE-2022-31126 CRITICAL POC THREAT Act Now

Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Apache Nginx Roxy Wi
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
49.9%
CVE-2022-31125 CRITICAL POC THREAT Act Now

Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Apache Nginx Roxy Wi
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
19.7%
CVE-2021-38169 HIGH This Week

Roxy-WI through 5.2.2.0 allows command injection via /app/funct.py and /api/api_funct.py. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Roxy Wi
NVD GitHub
CVSS 3.1
8.8
EPSS
1.5%
CVE-2021-38168 HIGH This Week

Roxy-WI through 5.2.2.0 allows authenticated SQL injection via select_servers. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Roxy Wi
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-38167 CRITICAL Act Now

Roxy-WI through 5.2.2.0 allows SQL Injection via check_login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Roxy Wi
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

Authenticated command injection in Roxy-WI versions prior to 8.2.8.2 enables attackers to execute arbitrary system commands through improper sanitization of the grep parameter in log viewing functionality. Public exploit code exists for this vulnerability, affecting users managing HAProxy, Nginx, Apache, and Keepalived servers through the web interface. A patch is available in version 8.2.8.2 and later.

Apache Nginx Command Injection +1
NVD GitHub
EPSS 3% CVSS 8.8
HIGH POC This Week

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Apache Command Injection +2
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

hap-wi/roxy-wi is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Apache Path Traversal Nginx +1
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC This Month

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apache Path Traversal Nginx +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apache Path Traversal Nginx +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Apache Path Traversal Nginx +1
NVD GitHub
EPSS 27% CVSS 9.8
CRITICAL POC THREAT Act Now

Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Nginx Roxy Wi
NVD GitHub Exploit-DB
EPSS 90% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Apache Command Injection +2
NVD GitHub
EPSS 50% CVSS 9.8
CRITICAL POC THREAT Act Now

Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Apache Nginx +1
NVD GitHub Exploit-DB
EPSS 20% CVSS 9.8
CRITICAL POC THREAT Act Now

Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Apache Nginx +1
NVD GitHub Exploit-DB
EPSS 2% CVSS 8.8
HIGH This Week

Roxy-WI through 5.2.2.0 allows command injection via /app/funct.py and /api/api_funct.py. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Roxy Wi
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

Roxy-WI through 5.2.2.0 allows authenticated SQL injection via select_servers. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Roxy Wi
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Roxy-WI through 5.2.2.0 allows SQL Injection via check_login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Roxy Wi
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy