Critical nginx-ui Flaw Allows Full Server Control

Posted on April 15, 2026 By CWS

A newly uncovered security vulnerability in nginx-ui, a popular open-source tool for managing Nginx servers, is being actively exploited, posing significant risks to users. Identified as CVE-2026-33032, the flaw has been assigned a CVSS score of 9.8, indicating its critical nature. This authentication bypass vulnerability allows attackers to gain control over Nginx services, a situation that has been termed ‘MCPwn’ by Pluto Security.

Details of the Vulnerability

The vulnerability arises from nginx-ui’s MCP integration, which exposes two HTTP endpoints: /mcp and /mcp_message. The /mcp endpoint requires both IP whitelisting and authentication, but the /mcp_message endpoint requires only IP whitelisting. Because the default IP whitelist allows all addresses, that single control is no barrier at all on an unmodified install, leaving /mcp_message open to unauthorized access.

Researcher Yotam Perkal from Pluto Security discovered that attackers can exploit this flaw with two simple HTTP requests. First, they send a GET request to the /mcp endpoint to establish a session and acquire a session ID. Then, using this session ID, they send a POST request to the /mcp_message endpoint, executing any MCP tool without needing authentication.

Impact and Exploitation

The exploitation of this vulnerability can enable attackers to alter Nginx configurations, restart servers, and even intercept administrator credentials. The flaw was patched on March 15, 2026, in version 2.3.4. Users are advised to update immediately or implement workarounds such as enforcing authentication on the /mcp_message endpoint or altering the IP whitelist settings.

A report by Recorded Future highlights CVE-2026-33032 as one of the most exploited vulnerabilities in March 2026. Despite the patch, the exact scale of exploitation remains unclear.
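A defender reading the two sections above has two concrete questions: is my whitelist still at its allow-all default, and has anyone outside the admin network already walked the session-then-message sequence against my instance? The script below is an added example written for this article, not code from nginx-ui or Pluto Security. It assumes the panel sits behind a web server that writes combined-format access logs, that the intended admin range is 10.0.0.0/8 (a placeholder), and that an empty whitelist means "allow all" as the article describes the default; the log lines are constructed for the example.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample access-log lines (combined log format) for an nginx-ui
# deployment; they are made up for this example, not captured traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [14/Apr/2026:10:01:02 +0000] "GET /mcp HTTP/1.1" 200 512 "-" "curl/8.5"
203.0.113.7 - - [14/Apr/2026:10:01:03 +0000] "POST /mcp_message?sessionId=abc123 HTTP/1.1" 200 88 "-" "curl/8.5"
10.0.0.5 - admin [14/Apr/2026:10:02:10 +0000] "GET /mcp HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.5 - admin [14/Apr/2026:10:02:11 +0000] "POST /mcp_message?sessionId=def456 HTTP/1.1" 200 88 "-" "Mozilla/5.0"
198.51.100.9 - - [14/Apr/2026:10:03:00 +0000] "GET /api/status HTTP/1.1" 200 40 "-" "Mozilla/5.0"
198.51.100.9 - - [14/Apr/2026:10:03:05 +0000] "POST /mcp_message HTTP/1.1" 401 0 "-" "python-requests/2.31"
"""

# Hypothetical admin network: the only range that should ever reach the MCP endpoints.
ADMIN_NETWORKS = [ipaddress.ip_network("10.0.0.0/8")]

# The two endpoints the article names.
MCP_PATHS = {"/mcp", "/mcp_message"}

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_line(line: str):
    """Parse one combined-format log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["path"] = rec["path"].split("?", 1)[0]   # strip the query string (session ids etc.)
    rec["status"] = int(rec["status"])
    return rec


def is_admin_source(ip: str) -> bool:
    """True if the client address falls inside one of the expected admin networks."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in ADMIN_NETWORKS)


def whitelist_is_effectively_open(allowlist) -> bool:
    """True if an IP whitelist admits every address: an empty list (assumed here to mean
    'allow all', which is how the article describes the default) or any /0 entry."""
    if not allowlist:
        return True
    return any(ipaddress.ip_network(cidr, strict=False).prefixlen == 0 for cidr in allowlist)


def find_suspicious_mcp_clients(log_text: str) -> dict:
    """Return {client_ip: severity} for non-admin clients that touched the MCP endpoints.

    'high'   : GET /mcp followed by a 2xx POST /mcp_message from the same client, i.e. the
               session-then-message sequence completed and the whitelist did not stop it.
    'medium' : any other request to /mcp or /mcp_message from outside the admin network.
    """
    state = defaultdict(lambda: {"got_session": False, "severity": None})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["path"] not in MCP_PATHS or is_admin_source(rec["ip"]):
            continue
        st = state[rec["ip"]]
        st["severity"] = st["severity"] or "medium"
        if rec["method"] == "GET" and rec["path"] == "/mcp":
            st["got_session"] = True
        elif (rec["method"] == "POST" and rec["path"] == "/mcp_message"
              and 200 <= rec["status"] < 300 and st["got_session"]):
            st["severity"] = "high"
    return {ip: st["severity"] for ip, st in state.items()}


if __name__ == "__main__":
    print("default whitelist effectively open:", whitelist_is_effectively_open([]))
    for ip, sev in sorted(find_suspicious_mcp_clients(SAMPLE_LOG).items()):
        print(f"{sev:6} {ip}")
```

On the sample data the curl client at 203.0.113.7 is rated high (it completed the session-then-message pair from outside the admin range with a 200 response), the 198.51.100.9 client is rated medium (its POST was rejected with 401 and it never opened a session), and the admin at 10.0.0.5 is not reported. Swap ADMIN_NETWORKS for the ranges that should genuinely reach your panel and point the function at your real access log; any "high" entry means the whitelist workaround from the article was not in effect when that traffic arrived, and that instance should be treated as potentially compromised until its Nginx configuration has been reviewed.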

Recommendations and Future Outlook

Data from Shodan shows roughly 2,689 nginx-ui instances exposed online, predominantly in China, the U.S., Indonesia, Germany, and Hong Kong. Organizations using nginx-ui should urgently update to version 2.3.4 or disable MCP functionality as a temporary measure.

This issue follows the detection of other vulnerabilities in the Atlassian MCP server, emphasizing the need for heightened vigilance in network security. The swift action to address these flaws is crucial to prevent unauthorized access and potential data breaches.

The discovery of such vulnerabilities underscores the importance of maintaining up-to-date software and implementing robust security measures to protect against emerging threats.

Tags: authentication bypass, CVE-2026-33032, Cybersecurity, network security, Nginx-UI, Pluto Security, security flaw, server security, software update, Vulnerability
