Remote Code Execution Vulnerability in Roxy-WI Web Interface for Load Balancers
CVE-2026-45556
What is CVE-2026-45556?
A vulnerability in Roxy-WI, specifically in the management of load balancers like Haproxy, Nginx, Apache, and Keepalived, allows an attacker to achieve remote code execution. The flaw arises from insecure handling of the 'config_file_name' form field, which allows arbitrary path traversal. This misconfiguration fails to properly validate the destination path, enabling the attacker to craft malicious filenames that lead to the execution of arbitrary scripts with root privileges on the load balancer. Effective exploitation can result in significant compromises, allowing attackers to insert cron jobs that are executed under high privileges. At the time of reporting, there are no known patches available to remediate this vulnerability.
Affected Version(s)
roxy-wi <= 8.2.6.4
