[SECURITY] Possible Security Vuln

Question

[SECURITY] Possible Security Vuln

OmarLopez18 opened this issue 2 months ago · comments

Describe the bug
A connection from the NGNIX service attempt to gain access to my personal computer files, Bitdefender block it. A security vulnerability must exist. This has never happened before.

Nginx Proxy Manager Image Tag
github-dependabot-npm_and_yarn-docs-tar-6-2-1

Expected behavior
It should NOT try to access my stuff.

Screenshots

Operating System
Truenas Scale

Additional context
DNS request from NGINX

www.cloudflare.com
ip-ranges.amazonaws.com

Kevin Lopez · Answer 1 · Sat Apr 20 2024 09:44:07 GMT+0800 (China Standard Time)

Will try to isolate the docker container and monitor the connections attempts made from it.

Kevin Lopez · Answer 2 · Sat Apr 20 2024 09:46:54 GMT+0800 (China Standard Time)

@IgorDuino you think this may have to do with the vulnerability you found a couple of weeks ago?

Igor Kuzmenkov · Answer 3 · Sat Apr 20 2024 09:53:50 GMT+0800 (China Standard Time)

I'm not entirely sure. It would be helpful if you could provide logs so we can investigate further. We can discuss this incident on LinkedIn or Telegram if you prefer.