CVE-2022-31161: 
Roxy-WI vulnerability analysis and mitigation

Roxy-WI, a web interface for managing HAProxy, Nginx, and Keepalived servers, was found to contain a critical remote code execution vulnerability (CVE-2022-31161) affecting versions prior to 6.1.1.0. The vulnerability was discovered in the ssl_cert upload functionality within the options.py file, allowing unauthenticated remote attackers to execute arbitrary code on the target system (GitHub Advisory).

The vulnerability exists due to insufficient validation of user-supplied input in the ssl_cert upload function of the /app/options.py file. Remote attackers can exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable API endpoint. The vulnerability has been assigned a CVSS v3.1 base score of 10.0 (Critical), with attack vector: Network, attack complexity: Low, privileges required: None, user interaction: None, scope: Changed, and high impact on both confidentiality and integrity (GitHub Advisory, FortiGuard).

Successful exploitation of this vulnerability could lead to system compromise, allowing attackers to gain control of vulnerable systems. The vulnerability has high impact on both confidentiality and integrity of the affected system, with some impact on availability (FortiGuard).

Users are advised to upgrade to Roxy-WI version 6.1.1.0 or later, which contains patches for this vulnerability. The fix was released on July 15, 2022 (GitHub Release).