A critical flaw in Nginx UI, specifically in versions with Model Context Protocol support, is being actively exploited to bypass authentication and gain full control of servers. The vulnerability allows unauthorized access, letting attackers execute arbitrary commands and take over entire systems without credentials. Exploitation has been observed in the wild, so administrators need to patch urgently to prevent breaches. Nginx UI users are advised to update their software, as the vulnerability can be leveraged to compromise sensitive data and disrupt operations. That the flaw is being actively exploited [1] underscores the importance of prompt action to limit damage. For security practitioners, the takeaway is to prioritize patching and monitoring, because the flaw gives unauthorized access to sensitive systems and can lead to server takeover.
Critical Nginx UI auth bypass flaw now actively exploited in the wild
Why This Matters
Security developments continue reshaping the threat landscape — staying informed is the first line of defense.
References
- BleepingComputer. (2026, April 15). Critical Nginx UI auth bypass flaw now actively exploited in the wild. BleepingComputer. https://www.bleepingcomputer.com/news/security/critical-nginx-ui-auth-bypass-flaw-now-actively-exploited-in-the-wild/