F5 NGINX Vulnerability - 20260520001
Overview
F5 identified a heap-based buffer overflow vulnerability in the NGINX ngx_http_rewrite_module affecting both NGINX Plus and Open Source. Unauthenticated attackers can cause a denial of service (DoS) by sending crafted HTTP requests that crash or restart NGINX worker processes.
What is vulnerable?
| Product(s) Affected | Version(s) | CVE | CVSS | Severity |
|---|---|---|---|---|
| NGINX Open Source | 0.6.27 through 1.30 | CVE-2026-42945 | 9.2 | Critical |
| NGINX Plus | R32 through R36 | CVE-2026-42945 | 9.2 | Critical |
What has been observed?
The WASOC has not received any reports of exploitation of this vulnerability on Western Australian Government networks at the time of writing. However, active exploitation has been observed in the wild, with attackers already weaponising the vulnerability.
Recommendation
The WASOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframes (refer Patch Management):
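As an added check to support this recommendation (example script, not WASOC or F5 code), the POSIX shell functions below take the text that `nginx -V` prints, extract the version, compare it against the affected range in the table above, and report whether the build was configured without the rewrite module (`--without-http_rewrite_module`; the module is compiled in by default). Assumptions: "0.6.27 through 1.30" is read as every release from 0.6.27 up to and including any 1.30.x build, so "affected" means 0.6.27 <= version < 1.31; the exact fixed release must be taken from the vendor advisory before relying on this classification. The sample `nginx -V` outputs at the end are constructed, not real captures.

```shell
#!/bin/sh
# Added example (not WASOC or F5 code): classify an NGINX build against the
# affected range stated in this advisory and check for the rewrite module.
# Assumption: "through 1.30" is read as every 1.30.x release, i.e. affected
# means 0.6.27 <= version < 1.31. Confirm the fixed release with the vendor.

# ver_key "MAJOR.MINOR[.PATCH]" -> one integer that orders like the version
ver_key() {
    printf '%s\n' "$1" | awk -F. '{ printf "%d\n", ($1+0)*1000000 + ($2+0)*1000 + ($3+0) }'
}

# nginx_affected VERSION -> exit 0 if VERSION lies inside the advisory's range
nginx_affected() {
    v=$(ver_key "$1")
    [ "$v" -ge "$(ver_key 0.6.27)" ] && [ "$v" -lt "$(ver_key 1.31)" ]
}

# parse_nginx_version "<nginx -V output>" -> e.g. 1.28.0
# (the first line 'nginx -v' / 'nginx -V' writes to stderr is "nginx version: nginx/X.Y.Z")
parse_nginx_version() {
    printf '%s\n' "$1" | sed -n 's#.*nginx/\([0-9][0-9.]*\).*#\1#p' | head -n 1
}

# rewrite_module_compiled_in "<nginx -V output>" -> exit 0 unless the build was
# configured with --without-http_rewrite_module
rewrite_module_compiled_in() {
    ! printf '%s\n' "$1" | grep -q -- '--without-http_rewrite_module'
}

# classify "<nginx -V output>" -> AFFECTED / NOT-AFFECTED-VERSION / MODULE-ABSENT / UNKNOWN
classify() {
    ver=$(parse_nginx_version "$1")
    [ -n "$ver" ] || { echo "UNKNOWN"; return 0; }
    if ! rewrite_module_compiled_in "$1"; then
        echo "MODULE-ABSENT ($ver)"
    elif nginx_affected "$ver"; then
        echo "AFFECTED ($ver)"
    else
        echo "NOT-AFFECTED-VERSION ($ver)"
    fi
}

# Constructed sample 'nginx -V' outputs (not real captures) for exercising classify
SAMPLE_AFFECTED='nginx version: nginx/1.28.0
built by gcc 12.2.0
configure arguments: --prefix=/etc/nginx --with-http_ssl_module'
SAMPLE_NO_REWRITE='nginx version: nginx/1.28.0
configure arguments: --prefix=/etc/nginx --without-http_rewrite_module'
SAMPLE_OLDER='nginx version: nginx/0.6.26
configure arguments: --prefix=/usr/local/nginx'

# Classify the local binary when one is on PATH
if command -v nginx >/dev/null 2>&1; then
    classify "$(nginx -V 2>&1)"
fi
```

Run the script on each host (or feed it `nginx -V` output collected by your configuration management tool) and treat any AFFECTED result as a patch-now item; a MODULE-ABSENT result still warrants patching on the normal schedule, since it only means the vulnerable module is not compiled into that particular build.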
Additional References
- ACSC Guidance on Securing Edge Devices: https://www.cyber.gov.au/business-government/protecting-devices-systems/hardening-systems-applications/network-hardening/securing-edge-devices