Nginx Agent F5 Networks Nginx Agent

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in F5 Networks Nginx Agent.

Recent F5 Networks Nginx Agent Security Advisories

Advisory Title Published
K000161971 K000161971: NGINX Agent vulnerability CVE-2026-60062 July 15, 2026
K000140630 K000140630: NGINX Agent vulnerability CVE-2024-7634 August 22, 2024
K000133135 K000133135 : NGINX Agent vulnerability CVE-2023-1550 March 29, 2023

By the Year

In 2026 there have been 1 vulnerability in F5 Networks Nginx Agent with an average score of 6.4 out of ten. Nginx Agent did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2026 as compared to last year.

Year Vulnerabilities Average Score
2026 1 6.40
2025 0 0.00
2024 1 4.90
2023 1 5.50

It may take a day or so for new Nginx Agent vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent F5 Networks Nginx Agent Security Vulnerabilities

NGINX Agent config_dirs Path Traversal RCE via Low-Priv Priv Esc
CVE-2026-60062 6.4 - Medium - July 15, 2026

The NGINX Agent config_dirs directive allows a low-privileged attacker to gain limited read and write access to files outside of the designated secure directory. The config_dirs directive required for this issue can also be configured through NGINX Instance Manager. A successful exploit may allow an attacker to cross a security boundary. Impact: A remotely authenticated low-privileged attacker could gain limited read and write access outside of the list of directories specified in the NGINX Agent configuration. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Directory traversal

NGINX Agent config_dirs Bypass: External File Write
CVE-2024-7634 4.9 - Medium - August 22, 2024

NGINX Agent's "config_dirs" restriction feature allows a highly privileged attacker to gain the ability to write/overwrite files outside of the designated secure directory.

Directory traversal

NGINX Agent Log Disclosure v2.02.23.3: TRACE Logs Expose Sensitive Data
CVE-2023-1550 5.5 - Medium - March 29, 2023

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when the non-default trace level logging is enabled. Note: NGINX Agent is included with NGINX Instance Manager and used in conjunction with NGINX API Connectivity Manager, and NGINX Management Suite Security Monitoring.

Insertion of Sensitive Information into Log File

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for F5 Networks Nginx Agent or by F5 Networks? Click the Watch button to subscribe.

F5 Networks
Vendor

subscribe