[Vulnerability Advisory] NGINX ngx_http_rewrite_module Heap Buffer Overflow Vulnerability (CVE-2026-42945)
Published: 2026-05-15
1. Vulnerability Overview

NGINX is a high-performance web server, reverse proxy and load-balancing platform that is widely used in internet, cloud computing and enterprise environments. It provides HTTP proxying, load balancing, cache acceleration, traffic forwarding and access control, is known for high concurrency, low resource usage and flexible modular extension, and is widely deployed for websites, API gateways and microservice architectures. On 15 May 2026, the 8827太阳集团 Security Emergency Response Center (VSRC) detected a heap buffer overflow vulnerability in the NGINX ngx_http_rewrite_module. The vulnerability is triggered when a rewrite directive is followed by further rewrite, if or set directives, combined with unnamed PCRE capture groups (such as $1, $2) and a replacement string that contains a question mark (?). An attacker who sends specially crafted HTTP requests can cause a heap-based buffer overflow in the NGINX worker process, crashing the worker and forcing a service restart, with denial-of-service (DoS) impact. On systems where ASLR is disabled, the attacker may further be able to achieve remote code execution.
2. Affected Scope
1.0.0 <= NGINX Open Source < 1.31.0
0.6.27 <= NGINX Open Source <= 0.9.7
R32 <= NGINX Plus < R32 P6
R36 <= NGINX Plus < R36 P4
2.16.0 <= NGINX Instance Manager <= 2.21.1
5.9.0 <= F5 WAF for NGINX <= 5.12.1
4.9.0 <= NGINX App Protect WAF <= 4.16.0
5.1.0 <= NGINX App Protect WAF <= 5.8.0
F5 DoS for NGINX = 4.8.0
4.3.0 <= NGINX App Protect DoS <= 4.7.0
1.3.0 <= NGINX Gateway Fabric <= 1.6.2
2.0.0 <= NGINX Gateway Fabric <= 2.5.1
3.5.0 <= NGINX Ingress Controller <= 3.7.2
4.0.0 <= NGINX Ingress Controller <= 4.0.1
5.0.0 <= NGINX Ingress Controller <= 5.4.1
3. Remediation
3.1 Upgrade
The vendor has released fixed versions that remediate this vulnerability.
NGINX Open Source >= 1.31.0
NGINX Open Source >= 1.30.1
NGINX Plus >= R32 P6
NGINX Plus >= R36 P4
NGINX Plus >= 37.0.0
NGINX Instance Manager: upgrade to the vendor's subsequent security release
F5 WAF for NGINX: upgrade to the vendor's subsequent security release
NGINX App Protect WAF: upgrade to the vendor's subsequent security release
F5 DoS for NGINX: upgrade to the vendor's subsequent security release
NGINX App Protect DoS: upgrade to the vendor's subsequent security release
NGINX Gateway Fabric: upgrade to the vendor's subsequent security release
NGINX Ingress Controller: upgrade to the vendor's subsequent security release
Download link:
https://my.f5.com/manage/s/article/K000161019/
3.2 Temporary Mitigations
If an immediate upgrade to the fixed release is not possible, review and modify all rewrite rules that use ngx_http_rewrite_module, and avoid combining unnamed PCRE capture groups (such as $1, $2) with replacement strings that contain a ? character in directives that follow a rewrite.
Example of an at-risk configuration:
rewrite ^/users/([0-9]+)/profile/(.*)$ /profile.php?id=$1&tab=$2 last;
Recommended change, using named capture groups:
rewrite ^/users/(?<id>[0-9]+)/profile/(?<tab>.*)$ /profile.php?id=$id&tab=$tab last;   # group names id and tab are illustrative
After modifying the configuration, run the following commands to validate it and reload the service:
nginx -t
nginx -s reload
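As an added example (not part of the advisory), the following Python scanner applies the advisory's review criterion to an nginx configuration: it lists rewrite directives whose replacement string combines unnamed capture references ($1, $2, ...) with a ? character, so they can be converted to named groups before the upgrade. It is a review heuristic for the configuration, not a test for exploitability, and the sample configuration is constructed here.

```python
import re
from typing import List, Tuple

# One nginx "rewrite <regex> <replacement> [flag];" directive; the regex and
# replacement may be unquoted or wrapped in single or double quotes.
REWRITE_RE = re.compile(
    r'^\s*rewrite\s+(?P<pattern>"[^"]*"|\'[^\']*\'|\S+)\s+'
    r'(?P<replacement>"[^"]*"|\'[^\']*\'|\S+)'
    r'(?:\s+(?:last|break|redirect|permanent))?\s*;'
)
# Unnamed PCRE back-references ($1 .. $9), as opposed to named ones like $id.
NUMERIC_REF_RE = re.compile(r'\$[1-9]')

def _unquote(token: str) -> str:
    if len(token) >= 2 and token[0] == token[-1] and token[0] in '"\'':
        return token[1:-1]
    return token

def find_risky_rewrites(config_text: str) -> List[Tuple[int, str]]:
    """(line number, directive) for each rewrite whose replacement combines
    numeric capture references with a '?' character, the combination the
    advisory says to avoid. A review heuristic, not an exploitability test."""
    hits = []
    for lineno, raw in enumerate(config_text.splitlines(), start=1):
        if raw.lstrip().startswith('#'):  # skip comment lines
            continue
        m = REWRITE_RE.match(raw)
        if not m:
            continue
        replacement = _unquote(m.group('replacement'))
        if '?' in replacement and NUMERIC_REF_RE.search(replacement):
            hits.append((lineno, raw.strip()))
    return hits

# Constructed sample (not a real deployment): line 3 is the advisory's at-risk
# rule, line 4 its named-group form, line 5 has no '?', line 6 is quoted.
SAMPLE_CONF = """\
server {
    # constructed sample
    rewrite ^/users/([0-9]+)/profile/(.*)$ /profile.php?id=$1&tab=$2 last;
    rewrite ^/users/(?<id>[0-9]+)/profile/(?<tab>.*)$ /profile.php?id=$id&tab=$tab last;
    rewrite ^/old/(.*)$ /new/$1 permanent;
    rewrite "^/s/(\\w+)$" "/search?q=$1" last;
}
"""

def risky_line_numbers(config_text: str = SAMPLE_CONF) -> List[int]:
    return [lineno for lineno, _ in find_risky_rewrites(config_text)]
```

Run against a real nginx.conf by passing its text to find_risky_rewrites; each reported line is a candidate for the named-group rewrite shown above.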
3.3 General Recommendations
Apply system patches regularly to reduce exposure to vulnerabilities and improve server security.
Strengthen system and network access control, adjust firewall policies, close unnecessary application ports and services, avoid exposing high-risk services (such as SSH and RDP) to the public internet, and reduce the attack surface.
Use enterprise-grade security products to improve the organization's network security capabilities.
Strengthen user and privilege management, enable multi-factor authentication and the principle of least privilege, and keep user and software privileges at the minimum required. Enforce a strong password policy with periodic rotation.
3.4 References
https://my.f5.com/manage/s/article/K000161019/
https://nvd.nist.gov/vuln/detail/CVE-2026-42945

