
“This exposes 12 MCP tools, including config writes with automatic nginx reload, to any host on the network. One unauthenticated API call is all it takes to inject a config and take over nginx,” said Pluto Security.
Leveraging MCPwn, an attacker would be able to intercept all traffic, harvest admin credentials, maintain persistent access, conduct infrastructure reconnaissance via nginx configuration files, and kill the service, the company said.
MCP attack surface
Nginx UI’s user base of hundreds of thousands is relatively small compared with that of the globally popular nginx web server. Many of its installations will also be internal and therefore not directly exposed to remote attack. However, using Shodan, Pluto Security was still able to find 2,689 vulnerable Nginx UI instances reachable from the internet, it said.
