A critical authentication bypass in nginx-ui (CVE-2026-33032) enables unauthenticated attackers to interact with the /mcp_message endpoint and achieve a full Nginx server takeover, and exploitation has been observed in the wild. The issue can be chained with CVE-2026-27944 to retrieve node_secret from backups, and maintainers released nginx-ui 2.3.4 with fixes and recommended mitigations. #CVE-2026-33032 #nginx-ui
Keypoints
- CVE-2026-33032 is an authentication bypass in nginx-ui that can lead to complete Nginx server takeover.
- The /mcp_message endpoint relies only on IP filtering with a default empty whitelist, effectively allowing all access.
- An exploit chain uses a GET to /mcp to obtain a session ID and a POST to /mcp_message to execute commands without proper authentication.
- CVE-2026-27944 exposes backups (including node_secret, credentials, and keys) via /api/backup, enabling attackers to bypass MCP protections.
- nginx-ui 2.3.4 fixes the issue; recommended mitigations include enforcing authentication on /mcp_message, switching to deny-by-default IP allowlisting, restricting network access, and disabling MCP where possible.
Read More: https://thecyberexpress.com/cve-2026-33032-nginx-ui-server-takeover/