In April 2022, a critical vulnerability was revealed in the NGINX LDAP-auth reference implementation. Attackers can use LDAP Injection to bypass authentication and gain access to restricted resources. This is particularly dangerous for environments using NGINX to proxy private instances of GitHub , Jenkins, or GitLab.
Version 1.18.0 is susceptible to several documented flaws, primarily affecting its DNS resolution and experimental authentication modules.
While NGINX version 1.18.0 was once a stable release, it is now associated with several critical security risks that attackers can exploit to gain unauthorized access or cause service outages. Security researchers and malicious actors have identified vulnerabilities ranging from to LDAP Injection within this specific version's ecosystem. Primary Vulnerabilities in NGINX 1.18.0
This is one of the most significant vulnerabilities for this version. It is an off-by-one error in the ngx_resolver_copy() function. An attacker capable of forging UDP packets from a DNS server can trigger a 1-byte memory overwrite . In certain conditions, this can lead to a worker process crash or full Remote Code Execution .