A recently identified critical security vulnerability in nginx-ui, a web-based management tool for Nginx, is currently being exploited in the wild. The flaw, designated as CVE-2026-33032, has a CVSS score of 9.8 and is categorized as an authentication bypass vulnerability.
Details of the Vulnerability
The vulnerability, codenamed MCPwn by Pluto Security, affects the Model Context Protocol (MCP) integration within nginx-ui. According to an advisory from the maintainers, two HTTP endpoints are exposed: /mcp and /mcp_message. While the /mcp endpoint requires both IP whitelisting and authentication, the /mcp_message endpoint only enforces IP whitelisting, which defaults to ‘allow all’—effectively bypassing authentication.
Exploitation Process
Researchers have indicated that attackers can exploit this vulnerability with minimal effort. An attacker sends an HTTP GET request to the /mcp endpoint to establish a session, then an HTTP POST request to the /mcp_message endpoint using the session ID. This lets the attacker invoke MCP tools without authentication, which can lead to modified Nginx configuration files and server reloads.
Impact and Mitigation
Successful exploitation could enable attackers to intercept traffic and harvest administrator credentials. Following responsible disclosure, a patch was released in version 2.3.4 on March 15, 2026. Users are strongly advised to update immediately or implement workarounds, such as adding middleware.AuthRequired() to the /mcp_message endpoint or changing the default IP allowlisting from ‘allow-all’ to ‘deny-all.’
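The effect of the two workarounds can be checked against a stand-in server. The following Go example is added here and is not nginx-ui's code: guard, newMux, status and the token are hypothetical names built on net/http rather than the project's router, and it assumes an empty allowlist means allow-all, as the advisory describes.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"net"
	"net/http"
	"net/http/httptest"
)

const token = "constructed-token" // constructed stand-in for a real session check
// guard checks the IP allowlist (empty = allow all unless denyByDefault), then auth if needAuth.
func guard(next http.Handler, allowIPs []string, denyByDefault, needAuth bool) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		host, _, _ := net.SplitHostPort(r.RemoteAddr)
		ipOK := len(allowIPs) == 0 && !denyByDefault
		for _, ip := range allowIPs {
			ipOK = ipOK || ip == host
		}
		got := []byte(r.Header.Get("Authorization"))
		if !ipOK {
			http.Error(w, "forbidden", http.StatusForbidden)
		} else if needAuth && subtle.ConstantTimeCompare(got, []byte("Bearer "+token)) != 1 {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
		} else {
			next.ServeHTTP(w, r)
		}
	})
}

// newMux registers both endpoints; authOnMessage=false reproduces the missing check.
func newMux(allowIPs []string, denyByDefault, authOnMessage bool) *http.ServeMux {
	tool := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { fmt.Fprint(w, "tool invoked") })
	mux := http.NewServeMux()
	mux.Handle("/mcp", guard(tool, allowIPs, denyByDefault, true))
	mux.Handle("/mcp_message", guard(tool, allowIPs, denyByDefault, authOnMessage))
	return mux
}

// status sends a POST from httptest's fixed client address (192.0.2.1) and returns the status code.
func status(h http.Handler, path, authz string) int {
	req := httptest.NewRequest(http.MethodPost, path, nil)
	req.Header.Set("Authorization", authz)
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() { fmt.Println(status(newMux(nil, false, false), "/mcp_message", "")) }
```

With the default wiring the unauthenticated POST is served; adding the auth check turns it into a 401, and a deny-by-default allowlist turns it into a 403 before authentication is even consulted.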
Current Status and Recommendations
As of now, there are approximately 2,689 exposed instances of nginx-ui identified on the internet, with a significant concentration in regions including China, the U.S., and Germany. Organizations utilizing nginx-ui should prioritize updating to the latest version or disabling MCP functionality to mitigate risks associated with this vulnerability. The urgency of this situation is underscored by its classification as one of the 31 vulnerabilities actively exploited by threat actors in March 2026.
This article was produced by NeonPulse.today using human and AI-assisted editorial processes, based on publicly available information. Content may be edited for clarity and style.








