EXECUTIVE SUMMARY
A critical vulnerability (CVE-2026-27944) in Nginx UI allows unauthenticated attackers to download and decrypt full system backups, exposing sensitive configurations, credentials, and system data. Exploitation could lead to complete server compromise, data exfiltration, and unauthorized access to infrastructure. Upgrade to Nginx UI version 2.3.3 or later immediately to mitigate the risk.
- CVE: CVE-2026-27944
- CVSS Score: 9.8
- Active Region: Global
- Affected Sector: Organizations using Nginx UI
- Affected Product: Nginx UI versions prior to 2.3.2
- Patched Version: Nginx UI version 2.3.3
- Severity: Critical
- Published Date: March 09, 2026
TECHNICAL DETAILS
- Target: Web servers and infrastructure systems running vulnerable Nginx UI administrative interfaces used for managing Nginx configurations and services.
- Root Cause: The vulnerability arises from missing authentication on backup-related API endpoints (CWE-306) and improper protection of sensitive backup data and encryption materials (CWE-311), allowing unauthorized users to download and decrypt system backups.
- Prerequisite for Exploitation: An attacker must have network access to the exposed Nginx UI interface running a vulnerable version (prior to 2.3.2). No authentication……
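
The root cause named above (a backup endpoint reachable without authentication, CWE-306) shown beside its hardened form, with an in-process check that can serve as a regression test. This is an added example, not Nginx UI's code: the route `/example/backup`, the bearer-token scheme, and every function name are assumptions made for illustration.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// Hypothetical route and token (constructed; not Nginx UI's real path or auth scheme).
const backupPath, demoToken = "/example/backup", "constructed-demo-token"

// backupHandler stands in for the handler that streams the backup archive.
func backupHandler(w http.ResponseWriter, _ *http.Request) { w.Write([]byte("archive")) }

// requireAuth rejects any request lacking the expected bearer token.
func requireAuth(next http.Handler) http.Handler {
	want := []byte("Bearer " + demoToken)
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if subtle.ConstantTimeCompare([]byte(r.Header.Get("Authorization")), want) != 1 {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// NewMux registers the backup route; protected=false reproduces the CWE-306 pattern.
func NewMux(protected bool) *http.ServeMux {
	var h http.Handler = http.HandlerFunc(backupHandler)
	if protected {
		h = requireAuth(h) // same handler, now behind the auth wrapper
	}
	mux := http.NewServeMux()
	mux.Handle(backupPath, h)
	return mux
}

// Status sends an in-process GET; authz is the Authorization header value ("" sends none).
func Status(h http.Handler, path, authz string) int {
	req := httptest.NewRequest(http.MethodGet, path, nil)
	if authz != "" {
		req.Header.Set("Authorization", authz)
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() { fmt.Println(Status(NewMux(false), backupPath, ""), Status(NewMux(true), backupPath, "")) }
```

A test that asserts every sensitive route returns 401 without credentials catches a route registered outside the auth wrapper before it ships.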



