F5 Networks Nginx Agent
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in F5 Networks Nginx Agent.
Recent F5 Networks Nginx Agent Security Advisories
| Advisory | Title | Published |
|---|---|---|
| K000161971 | K000161971: NGINX Agent vulnerability CVE-2026-60062 | July 15, 2026 |
| K000140630 | K000140630: NGINX Agent vulnerability CVE-2024-7634 | August 22, 2024 |
| K000133135 | K000133135 : NGINX Agent vulnerability CVE-2023-1550 | March 29, 2023 |
By the Year
In 2026 there have been 1 vulnerability in F5 Networks Nginx Agent with an average score of 6.4 out of ten. Nginx Agent did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 6.40 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 4.90 |
| 2023 | 1 | 5.50 |
It may take a day or so for new Nginx Agent vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent F5 Networks Nginx Agent Security Vulnerabilities
NGINX Agent config_dirs Path Traversal RCE via Low-Priv Priv Esc
CVE-2026-60062
6.4 - Medium
- July 15, 2026
The NGINX Agent config_dirs directive allows a low-privileged attacker to gain limited read and write access to files outside of the designated secure directory. The config_dirs directive required for this issue can also be configured through NGINX Instance Manager. A successful exploit may allow an attacker to cross a security boundary. Impact: A remotely authenticated low-privileged attacker could gain limited read and write access outside of the list of directories specified in the NGINX Agent configuration. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Directory traversal
NGINX Agent config_dirs Bypass: External File Write
CVE-2024-7634
4.9 - Medium
- August 22, 2024
NGINX Agent's "config_dirs" restriction feature allows a highly privileged attacker to gain the ability to write/overwrite files outside of the designated secure directory.
Directory traversal
NGINX Agent Log Disclosure v2.02.23.3: TRACE Logs Expose Sensitive Data
CVE-2023-1550
5.5 - Medium
- March 29, 2023
Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when the non-default trace level logging is enabled. Note: NGINX Agent is included with NGINX Instance Manager and used in conjunction with NGINX API Connectivity Manager, and NGINX Management Suite Security Monitoring.
Insertion of Sensitive Information into Log File
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for F5 Networks Nginx Agent or by F5 Networks? Click the Watch button to subscribe.