According to researchers, a previously unknown 18-year-old flaw in NGINX servers has been exploited by hackers just days after the security issue was revealed. The flaw, which affects version 1.13.6 and earlier, has left exposed servers vulnerable to attack.
NGINX is a widely used web server and reverse proxy software, and the vulnerability has left many organisations at risk. Researchers say the issue has already been exploited in the wild, with hackers targeting exposed servers.
The researchers behind the discovery of the flaw are urging organisations to update their NGINX installations to the latest version as soon as possible. They are also warning users to be cautious when interacting with untrusted websites, as the vulnerability could be used to carry out malicious attacks.
The researchers, from the NGINX security team, say they have not seen any evidence of widespread exploitation of the issue, but warn that hackers may not be aware of the vulnerability yet.
The discovery of the flaw highlights the ongoing need for organisations to prioritise security and regularly update their software installations. It also underscores the importance of responsible disclosure of security vulnerabilities, as the researchers say they disclosed the issue to NGINX as soon as possible.
NGINX is a widely used software, and the vulnerability has left many organisations at risk. The researchers say that organisations should update their NGINX installations to the latest version as soon as possible to mitigate the risk of attack.