CVE-2026-22265

CVE Database · CVE-2026-22265

CVE-2026-22265

· HIGHAnalyzed

CVSS v3.1

7.5

EPSS

2.12%

Published

Jan 15, 2026

Modified

Feb 18, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to 8.2.8.2, command injection vulnerability exists in the log viewing functionality that allows authenticated users to execute arbitrary system commands. The vulnerability is in app/modules/roxywi/logs.py line 87, where the grep parameter is used twice - once sanitized and once raw. This vulnerability is fixed in 8.2.8.2.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-78

Affected Products (1)

roxy-wi · roxy-wi (up to 8.2.8.2)vulnerable

References (3)

https://github.com/roxy-wi/roxy-wi/commit/f040d3338c4ba6f66127487361592e32e0188eee

Patch

https://github.com/roxy-wi/roxy-wi/releases/tag/v8.2.8.2

ProductRelease Notes

https://github.com/roxy-wi/roxy-wi/security/advisories/GHSA-mmmf-vh7m-rm47

ExploitVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs