CVE-2024-46256 | NginxProxyManager 2.11.3 Add Lets Encrypt Certificate requestLetsEncryptSsl command injection

CVE-2024-46256 | NginxProxyManager 2.11.3 Add Lets Encrypt Certificate requestLetsEncryptSsl command injection

A vulnerability classified as critical has been found in NginxProxyManager 2.11.3. Affected is the function requestLetsEncryptSsl of the component Add Lets Encrypt Certificate. The manipulation leads to command injection. This vulnerability is traded as CVE-2024-46256. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.