{"id":"CVE-2024-3736","details":"A vulnerability was found in cym1102 nginxWebUI up to 3.9.9. It has been declared as problematic. Affected by this vulnerability is the function upload of the file /adminPage/main/upload. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-260575.","modified":"2026-04-12T08:40:51.803997Z","published":"2024-04-13T14:15:07.490Z","references":[{"type":"ADVISORY","url":"https://vuldb.com/?id.260575"},{"type":"REPORT","url":"https://github.com/cym1102/nginxWebUI/issues/138"},{"type":"REPORT","url":"https://vuldb.com/?ctiid.260575"},{"type":"EVIDENCE","url":"https://github.com/cym1102/nginxWebUI/files/14818455/nginxwebui.rce.3.9.9.pdf"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cym1102/nginxWebUI","events":[{"introduced":"0"},{"fixed":"ab4c4402df97c15000ae9562ea1a28f1f1ccf447"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.2.4"}]}}],"versions":["3.4.6","3.4.7","3.4.8","3.7.1","3.7.9","3.8.5","3.8.6","3.8.7","3.8.8","3.8.9","3.9.0","3.9.3","3.9.6","3.9.7","4.0.1","4.0.2","4.0.3","4.0.4","4.0.5","4.0.6","4.0.8","4.1.0","4.1.1","4.1.2","4.1.3","4.1.4","4.1.5","4.1.6","4.1.8","4.1.9","4.2.0","4.2.1","4.2.2"],"database_specific":{"vanir_signatures_modified":"2026-04-12T08:40:51Z","vanir_signatures":[{"signature_version":"v1","signature_type":"Function","id":"CVE-2024-3736-1cde442f","digest":{"function_hash":"49897244421777873634003097116603658917","length":1116},"deprecated":false,"target":{"file":"src/main/java/com/cym/controller/adminPage/ConfController.java","function":"isAvailableCmd"},"source":"https://github.com/cym1102/nginxWebUI/commit/ab4c4402df97c15000ae9562ea1a28f1f1ccf447"},{"signature_version":"v1","signature_type":"Line","id":"CVE-2024-3736-2848ba1d","digest":{"line_hashes":["67755800579929002340232257817755291992","196616591386433573803933084442893714599","191927142660423373444579055769233207256","219994681005878008701367471444132265902","61918460595045540169029454743466573867","114784209546599928180727478642806129973","142770498407168204051886473685632505884","11682867909429525362418816241129500231","214325679564580627684367240595297830631","141715636002604562419385477548231319893","321102810319959576253146323202792383723","84698717498011168292324435327566559643","293627414063901801943152387172074596658","294670387930032161966031631186650471396","317610866041322343818705059936482324336","293147201570789349497753744431133059684","292874009699787266608270557418997756192","101347813000581176296946888300882064446","329442297202359594576973949682027225595","207924346024817696715987253374966870970","306261487524718257844194713540630407080"],"threshold":0.9},"deprecated":false,"target":{"file":"src/main/java/com/cym/controller/adminPage/WwwController.java"},"source":"https://github.com/cym1102/nginxWebUI/commit/ab4c4402df97c15000ae9562ea1a28f1f1ccf447"},{"signature_version":"v1","signature_type":"Function","id":"CVE-2024-3736-3b31f93d","digest":{"function_hash":"239803979691984115683522952978675427665","length":513},"deprecated":false,"target":{"file":"src/test/java/com/cym/TestUtils.java","function":"test"},"source":"https://github.com/cym1102/nginxWebUI/commit/ab4c4402df97c15000ae9562ea1a28f1f1ccf447"},{"signature_version":"v1","signature_type":"Function","id":"CVE-2024-3736-44c3063c","digest":{"function_hash":"197478435534090666392307847606304855798","length":1169},"deprecated":false,"target":{"file":"src/main/java/com/cym/controller/adminPage/ConfController.java","function":"runCmd"},"source":"https://github.com/cym1102/nginxWebUI/commit/ab4c4402df97c15000ae9562ea1a28f1f1ccf447"},{"signature_version":"v1","signature_type":"Line","id":"CVE-2024-3736-4e75e141","digest":{"line_hashes":["151620325199346896901083571005931033556","88891455815361392825485503676964136081","297060861066225806007527378619033379263","79687014044746243531327677851459480900","96076014252909215860652224579786831537","241198300202770762327859491488063049963","286355685868846254371838363417190015232","49870901457530678190832326612889449110","33140819939701920886444208428625945660","268449297370341590987659644451118989615","163228843304902328395192382699667917769","138846528866575940576674276872321418958","237335252916113966318366483973971685699","161064597717574426610811217048969215710","166827146934994823740868056000442687152","87479834925201663896791450035689663513","330240026136020868593980851792697526520","10203032569479519278626410484388100638","65622477945351017122526297008056806197","135768188003044261676543112477157807185","74724623108115609131503202661672338957","183629624383360822928245343100931225598","58057783776366899742950422509142618506","4946966234836863216364872143276852700","51746269791313992810205928229543823624","132971711851013273732583678463607166455","159563889660478867709018960241728977711","78580350839839441495737660174797704308","65269019684246585264863377762741386798","33501340258939880544324978379430392957"],"threshold":0.9},"deprecated":false,"target":{"file":"src/test/java/com/cym/TestUtils.java"},"source":"https://github.com/cym1102/nginxWebUI/commit/ab4c4402df97c15000ae9562ea1a28f1f1ccf447"},{"signature_version":"v1","signature_type":"Line","id":"CVE-2024-3736-5f2e2cbe","digest":{"line_hashes":["59635783959213121776093107767496174875","103667823273552353210801858182872328950","293126061567137828463349972212065424577","110140576020314289801999797200245225628","26616353138599015989934564500878347578","285817258640456131566236554797702797472","102104979872402127540826371506942856668","65685768719505046513662659201079823613","188783518147730913597683689273198473243","86883710568954439286480912684308283563","164931828944475813210176221067146084365","330513861065011818321118321245574361823","194292594220690865628546780559741637918","331520926987438473026108477722673114821","48170480405967174712258311018721023203","322339874344113404028344525778115963110","75971821140936534276118827088746520090","307992174174662048311359616934191841990","182992868940120584872362909994573510564","157073774495166411510259682407441418560","257182800562944598119147195057305401116","22159412253493585437383489526011218255","194721244936178366141806753621147840480","305666254399957047982434998164931471823","318575589565960763808320397238921080040","309238335520966070531124020147390677431","323391119501727700245557929801784994308","213204314391428223504241819726055377794","7757898747314737925313669532603071771","298315858426290636217100017966488204468","240912406880567132901496820379180710921","236062323528779651233668128702563950664","33501560762012979668705747606587588350","320676009359539242078776357145266145207","199615715928095522958052561233422298939","201179750259384802464170974678910539475","165817902805072517858921024241782910415","129499042915847146817486276991596172054","323002783584449908664169657357845778747","261051354556200340538146253399625174113","169770469579968241933081592903550925735","264092664229778474663802888889691638988","30859723867980695318957329957250382487","162931254035723091557063642730021944039","27068357738632376128429361191344448833","223959113879020620635744152474423562702","177824564714090319862749623603448104941","252663560806684838923682493160907947234","27816278746048092453602561712354035533","119979699323048703568289784521032916468","227404930788667725831221334856347063148","300718702234106722708849926937837546691","205658639704082995460082956878798635695","49833288988170181383187373570867140590","226587021814785622689645486455619168258","130819282841032652761361104331020126210","57828279416330534970176986077608707229","272690414653689315459513881642225871926","647202582705556610895864991787439441","119258988697698457769296765622298402469","152490047751476459365819632180302600472","320404653808668836913013229462789393486","115479549042979422232064350448721916806"],"threshold":0.9},"deprecated":false,"target":{"file":"src/main/java/com/cym/controller/adminPage/ConfController.java"},"source":"https://github.com/cym1102/nginxWebUI/commit/ab4c4402df97c15000ae9562ea1a28f1f1ccf447"},{"signature_version":"v1","signature_type":"Function","id":"CVE-2024-3736-9497f787","digest":{"function_hash":"262228518881109905987186936016048569805","length":1399},"deprecated":false,"target":{"file":"src/main/java/com/cym/controller/adminPage/ConfController.java","function":"reload"},"source":"https://github.com/cym1102/nginxWebUI/commit/ab4c4402df97c15000ae9562ea1a28f1f1ccf447"},{"signature_version":"v1","signature_type":"Function","id":"CVE-2024-3736-a00170b8","digest":{"function_hash":"211654982197064097236206354020454123838","length":1963},"deprecated":false,"target":{"file":"src/main/java/com/cym/service/ConfService.java","function":"buildDenyAllow"},"source":"https://github.com/cym1102/nginxWebUI/commit/ab4c4402df97c15000ae9562ea1a28f1f1ccf447"},{"signature_version":"v1","signature_type":"Line","id":"CVE-2024-3736-a0a8cc8c","digest":{"line_hashes":["69932146969355409186479477948615508338","194969388582320489881011375416286594975","98385126379448139050647337559282715254","202099068221953810615281774872441604343","176321903744346206795151053599925819625","258671489758811523499947934579864923782","282069701913182172115612924096313811961","215307764977754851870385806941765305137"],"threshold":0.9},"deprecated":false,"target":{"file":"src/main/java/com/cym/service/ConfService.java"},"source":"https://github.com/cym1102/nginxWebUI/commit/ab4c4402df97c15000ae9562ea1a28f1f1ccf447"},{"signature_version":"v1","signature_type":"Function","id":"CVE-2024-3736-a7d36fb1","digest":{"function_hash":"1755130129489643756908453761755463515","length":520},"deprecated":false,"target":{"file":"src/main/java/com/cym/controller/adminPage/ConfController.java","function":"saveCmd"},"source":"https://github.com/cym1102/nginxWebUI/commit/ab4c4402df97c15000ae9562ea1a28f1f1ccf447"},{"signature_version":"v1","signature_type":"Function","id":"CVE-2024-3736-c8e2990c","digest":{"function_hash":"308385477968951436862573847556027552321","length":122},"deprecated":false,"target":{"file":"src/test/java/com/cym/TestUtils.java","function":"main"},"source":"https://github.com/cym1102/nginxWebUI/commit/ab4c4402df97c15000ae9562ea1a28f1f1ccf447"},{"signature_version":"v1","signature_type":"Function","id":"CVE-2024-3736-caac5577","digest":{"function_hash":"109190984288498229146475122336706847193","length":581},"deprecated":false,"target":{"file":"src/main/java/com/cym/controller/adminPage/WwwController.java","function":"addOver"},"source":"https://github.com/cym1102/nginxWebUI/commit/ab4c4402df97c15000ae9562ea1a28f1f1ccf447"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-3736.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}