Rewterz Threat Advisory – Multiple Google Chrome Code Execution Vulnerabilities
May 27, 2021Rewterz Threat Alert – Malicious Covid-19 URLs
May 27, 2021Rewterz Threat Advisory – Multiple Google Chrome Code Execution Vulnerabilities
May 27, 2021Rewterz Threat Alert – Malicious Covid-19 URLs
May 27, 2021Severity
High
Analysis Summary
CVE-2021-23017
Nginx could allow a remote attacker to execute arbitrary code on the system, caused by an off-by-one error in ngx_resolver_copy() while processing DNS responses. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
Unauthorized Access
Affected Vendors
F5
Affected Products
- F5 NGINX Open Source 0.6.18
- F5 NGINX Open Source 1.20.0
- F5 NGINX Plus R13
- F5 NGINX Plus R24
Remediation
Refer to F5 Security Advisory K36926027 for patch, upgrade or suggested workaround information. http://nginx.org/