Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
20 vulnerabilities found for CyberPanel by Cyberpanel
CVE-2021-47949 (GCVE-0-2021-47949)
Vulnerability from nvd – Published: 2026-05-10 12:52 – Updated: 2026-05-11 12:51
VLAI
Title
CyberPanel 2.1 Authenticated Remote Code Execution via Symlink Attack
Summary
CyberPanel 2.1 contains a command execution vulnerability that allows authenticated attackers to read arbitrary files and execute remote code by exploiting symlink attacks through the filemanager controller endpoint. Attackers can manipulate the completeStartingPath parameter in POST requests to /filemanager/controller to create symbolic links, read sensitive files like database credentials, and execute arbitrary shell commands through the /websites/fetchFolderDetails endpoint.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/50230 | exploit |
| https://cyberpanel.net/ | product |
| https://github.com/usmannasir/cyberpanel | product |
| https://www.vulncheck.com/advisories/cyberpanel-a… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cyberpanel | CyberPanel |
Affected:
<= 2.1
|
Date Public
2021-08-27 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47949",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-11T12:50:59.565034Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T12:51:17.987Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CyberPanel",
"vendor": "Cyberpanel",
"versions": [
{
"status": "affected",
"version": "\u003c= 2.1"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cyberpanel:cyberpanel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Numan T\u00fcrle"
}
],
"datePublic": "2021-08-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CyberPanel 2.1 contains a command execution vulnerability that allows authenticated attackers to read arbitrary files and execute remote code by exploiting symlink attacks through the filemanager controller endpoint. Attackers can manipulate the completeStartingPath parameter in POST requests to /filemanager/controller to create symbolic links, read sensitive files like database credentials, and execute arbitrary shell commands through the /websites/fetchFolderDetails endpoint."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-10T12:52:10.631Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-50230",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/50230"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "https://cyberpanel.net/"
},
{
"name": "Product Reference",
"tags": [
"product"
],
"url": "https://github.com/usmannasir/cyberpanel"
},
{
"name": "VulnCheck Advisory: CyberPanel 2.1 Authenticated Remote Code Execution via Symlink Attack",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/cyberpanel-authenticated-remote-code-execution-via-symlink-attack"
}
],
"title": "CyberPanel 2.1 Authenticated Remote Code Execution via Symlink Attack",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2021-47949",
"datePublished": "2026-05-10T12:52:10.631Z",
"dateReserved": "2026-02-01T11:24:18.719Z",
"dateUpdated": "2026-05-11T12:51:17.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-41473 (GCVE-0-2026-41473)
Vulnerability from nvd – Published: 2026-04-24 20:40 – Updated: 2026-04-27 13:47
VLAI
Title
CyberPanel < 2.4.4 Unauthenticated API Access via AI Scanner Endpoints
Summary
CyberPanel versions prior to 2.4.4 contain an authentication bypass vulnerability in the AI Scanner worker API endpoints that allows unauthenticated remote attackers to write arbitrary data to the database by sending requests to the /api/ai-scanner/status-webhook and /api/ai-scanner/callback endpoints. Attackers can exploit the lack of authentication checks to cause denial of service through storage exhaustion, corrupt scan history records, and pollute database fields with malicious data.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://itsrez.re/post/cyberpanel-rce | technical-descriptionexploit |
| https://github.com/usmannasir/cyberpanel/commit/0… | patch |
| https://www.vulncheck.com/advisories/cyberpanel-u… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| usmannasir | cyberpanel |
Affected:
0 , < 2.4.4
(semver)
Unaffected: 0a099b1b193946555fbdd387a28486b1521f9961 (git) |
Date Public
2026-01-18 17:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-41473",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-27T13:47:19.457775Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T13:47:41.253Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cyberpanel",
"repo": "https://github.com/usmannasir/cyberpanel",
"vendor": "usmannasir",
"versions": [
{
"lessThan": "2.4.4",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "0a099b1b193946555fbdd387a28486b1521f9961",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Djibril Mounkoro"
}
],
"datePublic": "2026-01-18T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "CyberPanel versions prior to\u0026nbsp;2.4.4 contain an authentication bypass vulnerability in the AI Scanner worker API endpoints that allows unauthenticated remote attackers to write arbitrary data to the database by sending requests to the /api/ai-scanner/status-webhook and /api/ai-scanner/callback endpoints. Attackers can exploit the lack of authentication checks to cause denial of service through storage exhaustion, corrupt scan history records, and pollute database fields with malicious data.\u003cbr\u003e"
}
],
"value": "CyberPanel versions prior to\u00a02.4.4 contain an authentication bypass vulnerability in the AI Scanner worker API endpoints that allows unauthenticated remote attackers to write arbitrary data to the database by sending requests to the /api/ai-scanner/status-webhook and /api/ai-scanner/callback endpoints. Attackers can exploit the lack of authentication checks to cause denial of service through storage exhaustion, corrupt scan history records, and pollute database fields with malicious data."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T20:40:36.173Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"technical-description",
"exploit"
],
"url": "https://itsrez.re/post/cyberpanel-rce"
},
{
"tags": [
"patch"
],
"url": "https://github.com/usmannasir/cyberpanel/commit/0a099b1b193946555fbdd387a28486b1521f9961"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/cyberpanel-unauthenticated-api-access-via-ai-scanner-endpoints"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CyberPanel \u003c 2.4.4 Unauthenticated API Access via AI Scanner Endpoints",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-41473",
"datePublished": "2026-04-24T20:40:36.173Z",
"dateReserved": "2026-04-20T16:07:47.312Z",
"dateUpdated": "2026-04-27T13:47:41.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-41472 (GCVE-0-2026-41472)
Vulnerability from nvd – Published: 2026-04-24 20:40 – Updated: 2026-04-27 13:37
VLAI
Title
CyberPanel < 2.4.4 Stored XSS via AI Scanner Dashboard
Summary
CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows unauthenticated attackers to inject malicious JavaScript by overwriting the findings_json field of ScanHistory records. Attackers can inject JavaScript that executes in an administrator's authenticated session when they visit the AI Scanner dashboard, allowing them to issue same-origin requests to plant cron jobs and achieve remote code execution on the server.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://itsrez.re/post/cyberpanel-rce | technical-descriptionexploit |
| https://github.com/usmannasir/cyberpanel/commit/0… | patch |
| https://www.vulncheck.com/advisories/cyberpanel-s… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| usmannasir | cyberpanel |
Affected:
0 , < 2.4.4
(semver)
Unaffected: 0a099b1b193946555fbdd387a28486b1521f9961 (git) |
Date Public
2026-01-18 17:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-41472",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-27T13:37:10.501228Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T13:37:16.906Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cyberpanel",
"repo": "https://github.com/usmannasir/cyberpanel",
"vendor": "usmannasir",
"versions": [
{
"lessThan": "2.4.4",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "0a099b1b193946555fbdd387a28486b1521f9961",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Djibril Mounkoro"
}
],
"datePublic": "2026-01-18T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "CyberPanel versions prior to\u0026nbsp;2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows unauthenticated attackers to inject malicious JavaScript by overwriting the findings_json field of ScanHistory records. Attackers can inject JavaScript that executes in an administrator\u0027s authenticated session when they visit the AI Scanner dashboard, allowing them to issue same-origin requests to plant cron jobs and achieve remote code execution on the server.\u003cbr\u003e"
}
],
"value": "CyberPanel versions prior to\u00a02.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows unauthenticated attackers to inject malicious JavaScript by overwriting the findings_json field of ScanHistory records. Attackers can inject JavaScript that executes in an administrator\u0027s authenticated session when they visit the AI Scanner dashboard, allowing them to issue same-origin requests to plant cron jobs and achieve remote code execution on the server."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T20:40:12.276Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"technical-description",
"exploit"
],
"url": "https://itsrez.re/post/cyberpanel-rce"
},
{
"tags": [
"patch"
],
"url": "https://github.com/usmannasir/cyberpanel/commit/0a099b1b193946555fbdd387a28486b1521f9961"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/cyberpanel-stored-xss-via-ai-scanner-dashboard"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CyberPanel \u003c 2.4.4 Stored XSS via AI Scanner Dashboard",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-41472",
"datePublished": "2026-04-24T20:40:12.276Z",
"dateReserved": "2026-04-20T16:07:47.312Z",
"dateUpdated": "2026-04-27T13:37:16.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-56112 (GCVE-0-2024-56112)
Vulnerability from nvd – Published: 2024-12-16 00:00 – Updated: 2024-12-16 15:52
VLAI
Summary
CyberPanel (aka Cyber Panel) before f0cf648 allows XSS via token or username to plogical/phpmyadminsignin.php.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
2 references
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-56112",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-16T15:52:08.216411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-16T15:52:34.618Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CyberPanel (aka Cyber Panel) before f0cf648 allows XSS via token or username to plogical/phpmyadminsignin.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-16T06:09:22.586Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://cyberpanel.net/"
},
{
"url": "https://github.com/usmannasir/cyberpanel/commit/f0cf648c7851c96c36bb0c390d13e60931f45900"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-56112",
"datePublished": "2024-12-16T00:00:00.000Z",
"dateReserved": "2024-12-16T00:00:00.000Z",
"dateUpdated": "2024-12-16T15:52:34.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-53376 (GCVE-0-2024-53376)
Vulnerability from nvd – Published: 2024-12-16 00:00 – Updated: 2024-12-17 19:29
VLAI
Summary
CyberPanel before 2.3.8 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the phpSelection field to the websites/submitWebsiteCreation URI.
Severity
8.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-53376",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-17T19:28:32.913838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-17T19:29:25.640Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/ThottySploity/CVE-2024-53376"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CyberPanel before 2.3.8 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the phpSelection field to the websites/submitWebsiteCreation URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-16T03:17:00.769Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/ThottySploity/CVE-2024-53376"
},
{
"url": "https://thottysploity.github.io/posts/cve-2024-53376"
},
{
"url": "https://github.com/ThottySploity/CVE-2024-53376/blob/aa306187323bd1127d56803cb34cac8820b61484/cyberpanel.py#L70"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-53376",
"datePublished": "2024-12-16T00:00:00.000Z",
"dateReserved": "2024-11-20T00:00:00.000Z",
"dateUpdated": "2024-12-17T19:29:25.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-54679 (GCVE-0-2024-54679)
Vulnerability from nvd – Published: 2024-12-05 00:00 – Updated: 2024-12-06 15:02
VLAI
Summary
CyberPanel (aka Cyber Panel) before 6778ad1 does not require the FilemanagerAdmin capability for restartMySQL actions.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-862 - Missing Authorization
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-54679",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T18:45:04.355934Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T18:45:50.025Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CyberPanel (aka Cyber Panel) before 6778ad1 does not require the FilemanagerAdmin capability for restartMySQL actions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:L/C:N/I:N/PR:L/S:U/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T15:02:20.712Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://cyberpanel.net/"
},
{
"url": "https://github.com/usmannasir/cyberpanel/commit/6778ad1eaae41f72365da8fd021f9a60369600dc"
},
{
"url": "https://github.com/hotplugin0x01/CVE-2024-54679"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-54679",
"datePublished": "2024-12-05T00:00:00.000Z",
"dateReserved": "2024-12-05T00:00:00.000Z",
"dateUpdated": "2024-12-06T15:02:20.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51567 (GCVE-0-2024-51567)
Vulnerability from nvd – Published: 2024-10-29 00:00 – Updated: 2025-10-21 22:55Summary
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected.
Severity
10 (Critical)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
8 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberpanel | cyberpanel |
Affected:
0 , ≤ 5b08cd6
(git)
cpe:2.3:a:cyberpanel:cyberpanel:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cyberpanel:cyberpanel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cyberpanel",
"vendor": "cyberpanel",
"versions": [
{
"lessThanOrEqual": "5b08cd6",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-51567",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T04:55:50.713087Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-07",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-51567"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:37.646Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-51567"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-07T00:00:00.000Z",
"value": "CVE-2024-51567 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T22:43:31.537Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"url": "https://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rce"
},
{
"url": "https://github.com/usmannasir/cyberpanel/commit/5b08cd6d53f4dbc2107ad9f555122ce8b0996515"
},
{
"url": "https://cyberpanel.net/KnowledgeBase/home/change-logs/"
},
{
"url": "https://cwe.mitre.org/data/definitions/420.html"
},
{
"url": "https://cyberpanel.net/blog/detials-and-fix-of-recent-security-issue-and-patch-of-cyberpanel"
},
{
"url": "https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51567",
"datePublished": "2024-10-29T00:00:00.000Z",
"dateReserved": "2024-10-29T00:00:00.000Z",
"dateUpdated": "2025-10-21T22:55:37.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51378 (GCVE-0-2024-51378)
Vulnerability from nvd – Published: 2024-10-29 00:00 – Updated: 2025-10-21 22:55Summary
getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected.
Severity
10 (Critical)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
8 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberpanel | cyberpanel |
Affected:
0 , < 2.3.9
(custom)
cpe:2.3:a:cyberpanel:cyberpanel:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cyberpanel:cyberpanel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cyberpanel",
"vendor": "cyberpanel",
"versions": [
{
"lessThan": "2.3.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-51378",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-06T04:55:27.827465Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-12-04",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-51378"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:37.800Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-51378"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-04T00:00:00.000Z",
"value": "CVE-2024-51378 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T23:33:46.320Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"url": "https://github.com/usmannasir/cyberpanel/commit/1c0c6cbcf71abe573da0b5fddfb9603e7477f683"
},
{
"url": "https://refr4g.github.io/posts/cyberpanel-command-injection-vulnerability/"
},
{
"url": "https://cyberpanel.net/KnowledgeBase/home/change-logs/"
},
{
"url": "https://cwe.mitre.org/data/definitions/420.html"
},
{
"url": "https://cyberpanel.net/blog/detials-and-fix-of-recent-security-issue-and-patch-of-cyberpanel"
},
{
"url": "https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51378",
"datePublished": "2024-10-29T00:00:00.000Z",
"dateReserved": "2024-10-28T00:00:00.000Z",
"dateUpdated": "2025-10-21T22:55:37.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51568 (GCVE-0-2024-51568)
Vulnerability from nvd – Published: 2024-10-29 00:00 – Updated: 2024-10-30 13:44
VLAI
Summary
CyberPanel (aka Cyber Panel) before 2.3.5 allows Command Injection via completePath in the ProcessUtilities.outputExecutioner() sink. There is /filemanager/upload (aka File Manager upload) unauthenticated remote code execution via shell metacharacters.
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyber_panel | cyber_panel |
Affected:
0 , < 2.3.5
(custom)
cpe:2.3:a:cyber_panel:cyber_panel:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cyber_panel:cyber_panel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cyber_panel",
"vendor": "cyber_panel",
"versions": [
{
"lessThan": "2.3.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-51568",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:41:00.779651Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T13:44:45.134Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CyberPanel (aka Cyber Panel) before 2.3.5 allows Command Injection via completePath in the ProcessUtilities.outputExecutioner() sink. There is /filemanager/upload (aka File Manager upload) unauthenticated remote code execution via shell metacharacters."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T22:41:08.565Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"url": "https://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rce"
},
{
"url": "https://cyberpanel.net/KnowledgeBase/home/change-logs/"
},
{
"url": "https://cyberpanel.net/blog/cyberpanel-v2-3-5"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51568",
"datePublished": "2024-10-29T00:00:00.000Z",
"dateReserved": "2024-10-29T00:00:00.000Z",
"dateUpdated": "2024-10-30T13:44:45.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13056 (GCVE-0-2019-13056)
Vulnerability from nvd – Published: 2019-07-02 15:18 – Updated: 2024-08-04 23:41
VLAI
Summary
An issue was discovered in CyberPanel through 1.8.4. On the user edit page, an attacker can edit the administrator's e-mail and password because of the lack of CSRF protection.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://cyberpanel.net/category/news/ | x_refsource_MISC |
| http://packetstormsecurity.com/files/153492/Cyber… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:41:10.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cyberpanel.net/category/news/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153492/CyberPanel-1.8.4-Cross-Site-Request-Forgery.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in CyberPanel through 1.8.4. On the user edit page, an attacker can edit the administrator\u0027s e-mail and password because of the lack of CSRF protection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-02T15:18:53.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cyberpanel.net/category/news/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153492/CyberPanel-1.8.4-Cross-Site-Request-Forgery.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in CyberPanel through 1.8.4. On the user edit page, an attacker can edit the administrator\u0027s e-mail and password because of the lack of CSRF protection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cyberpanel.net/category/news/",
"refsource": "MISC",
"url": "https://cyberpanel.net/category/news/"
},
{
"name": "http://packetstormsecurity.com/files/153492/CyberPanel-1.8.4-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153492/CyberPanel-1.8.4-Cross-Site-Request-Forgery.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13056",
"datePublished": "2019-07-02T15:18:53.000Z",
"dateReserved": "2019-06-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:41:10.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-47949 (GCVE-0-2021-47949)
Vulnerability from cvelistv5 – Published: 2026-05-10 12:52 – Updated: 2026-05-11 12:51
VLAI
Title
CyberPanel 2.1 Authenticated Remote Code Execution via Symlink Attack
Summary
CyberPanel 2.1 contains a command execution vulnerability that allows authenticated attackers to read arbitrary files and execute remote code by exploiting symlink attacks through the filemanager controller endpoint. Attackers can manipulate the completeStartingPath parameter in POST requests to /filemanager/controller to create symbolic links, read sensitive files like database credentials, and execute arbitrary shell commands through the /websites/fetchFolderDetails endpoint.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/50230 | exploit |
| https://cyberpanel.net/ | product |
| https://github.com/usmannasir/cyberpanel | product |
| https://www.vulncheck.com/advisories/cyberpanel-a… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cyberpanel | CyberPanel |
Affected:
<= 2.1
|
Date Public
2021-08-27 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47949",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-11T12:50:59.565034Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T12:51:17.987Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CyberPanel",
"vendor": "Cyberpanel",
"versions": [
{
"status": "affected",
"version": "\u003c= 2.1"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cyberpanel:cyberpanel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Numan T\u00fcrle"
}
],
"datePublic": "2021-08-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CyberPanel 2.1 contains a command execution vulnerability that allows authenticated attackers to read arbitrary files and execute remote code by exploiting symlink attacks through the filemanager controller endpoint. Attackers can manipulate the completeStartingPath parameter in POST requests to /filemanager/controller to create symbolic links, read sensitive files like database credentials, and execute arbitrary shell commands through the /websites/fetchFolderDetails endpoint."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-10T12:52:10.631Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-50230",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/50230"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "https://cyberpanel.net/"
},
{
"name": "Product Reference",
"tags": [
"product"
],
"url": "https://github.com/usmannasir/cyberpanel"
},
{
"name": "VulnCheck Advisory: CyberPanel 2.1 Authenticated Remote Code Execution via Symlink Attack",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/cyberpanel-authenticated-remote-code-execution-via-symlink-attack"
}
],
"title": "CyberPanel 2.1 Authenticated Remote Code Execution via Symlink Attack",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2021-47949",
"datePublished": "2026-05-10T12:52:10.631Z",
"dateReserved": "2026-02-01T11:24:18.719Z",
"dateUpdated": "2026-05-11T12:51:17.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-41473 (GCVE-0-2026-41473)
Vulnerability from cvelistv5 – Published: 2026-04-24 20:40 – Updated: 2026-04-27 13:47
VLAI
Title
CyberPanel < 2.4.4 Unauthenticated API Access via AI Scanner Endpoints
Summary
CyberPanel versions prior to 2.4.4 contain an authentication bypass vulnerability in the AI Scanner worker API endpoints that allows unauthenticated remote attackers to write arbitrary data to the database by sending requests to the /api/ai-scanner/status-webhook and /api/ai-scanner/callback endpoints. Attackers can exploit the lack of authentication checks to cause denial of service through storage exhaustion, corrupt scan history records, and pollute database fields with malicious data.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://itsrez.re/post/cyberpanel-rce | technical-descriptionexploit |
| https://github.com/usmannasir/cyberpanel/commit/0… | patch |
| https://www.vulncheck.com/advisories/cyberpanel-u… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| usmannasir | cyberpanel |
Affected:
0 , < 2.4.4
(semver)
Unaffected: 0a099b1b193946555fbdd387a28486b1521f9961 (git) |
Date Public
2026-01-18 17:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-41473",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-27T13:47:19.457775Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T13:47:41.253Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cyberpanel",
"repo": "https://github.com/usmannasir/cyberpanel",
"vendor": "usmannasir",
"versions": [
{
"lessThan": "2.4.4",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "0a099b1b193946555fbdd387a28486b1521f9961",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Djibril Mounkoro"
}
],
"datePublic": "2026-01-18T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "CyberPanel versions prior to\u0026nbsp;2.4.4 contain an authentication bypass vulnerability in the AI Scanner worker API endpoints that allows unauthenticated remote attackers to write arbitrary data to the database by sending requests to the /api/ai-scanner/status-webhook and /api/ai-scanner/callback endpoints. Attackers can exploit the lack of authentication checks to cause denial of service through storage exhaustion, corrupt scan history records, and pollute database fields with malicious data.\u003cbr\u003e"
}
],
"value": "CyberPanel versions prior to\u00a02.4.4 contain an authentication bypass vulnerability in the AI Scanner worker API endpoints that allows unauthenticated remote attackers to write arbitrary data to the database by sending requests to the /api/ai-scanner/status-webhook and /api/ai-scanner/callback endpoints. Attackers can exploit the lack of authentication checks to cause denial of service through storage exhaustion, corrupt scan history records, and pollute database fields with malicious data."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T20:40:36.173Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"technical-description",
"exploit"
],
"url": "https://itsrez.re/post/cyberpanel-rce"
},
{
"tags": [
"patch"
],
"url": "https://github.com/usmannasir/cyberpanel/commit/0a099b1b193946555fbdd387a28486b1521f9961"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/cyberpanel-unauthenticated-api-access-via-ai-scanner-endpoints"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CyberPanel \u003c 2.4.4 Unauthenticated API Access via AI Scanner Endpoints",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-41473",
"datePublished": "2026-04-24T20:40:36.173Z",
"dateReserved": "2026-04-20T16:07:47.312Z",
"dateUpdated": "2026-04-27T13:47:41.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-41472 (GCVE-0-2026-41472)
Vulnerability from cvelistv5 – Published: 2026-04-24 20:40 – Updated: 2026-04-27 13:37
VLAI
Title
CyberPanel < 2.4.4 Stored XSS via AI Scanner Dashboard
Summary
CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows unauthenticated attackers to inject malicious JavaScript by overwriting the findings_json field of ScanHistory records. Attackers can inject JavaScript that executes in an administrator's authenticated session when they visit the AI Scanner dashboard, allowing them to issue same-origin requests to plant cron jobs and achieve remote code execution on the server.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://itsrez.re/post/cyberpanel-rce | technical-descriptionexploit |
| https://github.com/usmannasir/cyberpanel/commit/0… | patch |
| https://www.vulncheck.com/advisories/cyberpanel-s… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| usmannasir | cyberpanel |
Affected:
0 , < 2.4.4
(semver)
Unaffected: 0a099b1b193946555fbdd387a28486b1521f9961 (git) |
Date Public
2026-01-18 17:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-41472",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-27T13:37:10.501228Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T13:37:16.906Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cyberpanel",
"repo": "https://github.com/usmannasir/cyberpanel",
"vendor": "usmannasir",
"versions": [
{
"lessThan": "2.4.4",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "0a099b1b193946555fbdd387a28486b1521f9961",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Djibril Mounkoro"
}
],
"datePublic": "2026-01-18T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "CyberPanel versions prior to\u0026nbsp;2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows unauthenticated attackers to inject malicious JavaScript by overwriting the findings_json field of ScanHistory records. Attackers can inject JavaScript that executes in an administrator\u0027s authenticated session when they visit the AI Scanner dashboard, allowing them to issue same-origin requests to plant cron jobs and achieve remote code execution on the server.\u003cbr\u003e"
}
],
"value": "CyberPanel versions prior to\u00a02.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows unauthenticated attackers to inject malicious JavaScript by overwriting the findings_json field of ScanHistory records. Attackers can inject JavaScript that executes in an administrator\u0027s authenticated session when they visit the AI Scanner dashboard, allowing them to issue same-origin requests to plant cron jobs and achieve remote code execution on the server."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T20:40:12.276Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"technical-description",
"exploit"
],
"url": "https://itsrez.re/post/cyberpanel-rce"
},
{
"tags": [
"patch"
],
"url": "https://github.com/usmannasir/cyberpanel/commit/0a099b1b193946555fbdd387a28486b1521f9961"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/cyberpanel-stored-xss-via-ai-scanner-dashboard"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CyberPanel \u003c 2.4.4 Stored XSS via AI Scanner Dashboard",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-41472",
"datePublished": "2026-04-24T20:40:12.276Z",
"dateReserved": "2026-04-20T16:07:47.312Z",
"dateUpdated": "2026-04-27T13:37:16.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-56112 (GCVE-0-2024-56112)
Vulnerability from cvelistv5 – Published: 2024-12-16 00:00 – Updated: 2024-12-16 15:52
VLAI
Summary
CyberPanel (aka Cyber Panel) before f0cf648 allows XSS via token or username to plogical/phpmyadminsignin.php.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
2 references
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-56112",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-16T15:52:08.216411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-16T15:52:34.618Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CyberPanel (aka Cyber Panel) before f0cf648 allows XSS via token or username to plogical/phpmyadminsignin.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-16T06:09:22.586Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://cyberpanel.net/"
},
{
"url": "https://github.com/usmannasir/cyberpanel/commit/f0cf648c7851c96c36bb0c390d13e60931f45900"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-56112",
"datePublished": "2024-12-16T00:00:00.000Z",
"dateReserved": "2024-12-16T00:00:00.000Z",
"dateUpdated": "2024-12-16T15:52:34.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-53376 (GCVE-0-2024-53376)
Vulnerability from cvelistv5 – Published: 2024-12-16 00:00 – Updated: 2024-12-17 19:29
VLAI
Summary
CyberPanel before 2.3.8 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the phpSelection field to the websites/submitWebsiteCreation URI.
Severity
8.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-53376",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-17T19:28:32.913838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-17T19:29:25.640Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/ThottySploity/CVE-2024-53376"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CyberPanel before 2.3.8 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the phpSelection field to the websites/submitWebsiteCreation URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-16T03:17:00.769Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/ThottySploity/CVE-2024-53376"
},
{
"url": "https://thottysploity.github.io/posts/cve-2024-53376"
},
{
"url": "https://github.com/ThottySploity/CVE-2024-53376/blob/aa306187323bd1127d56803cb34cac8820b61484/cyberpanel.py#L70"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-53376",
"datePublished": "2024-12-16T00:00:00.000Z",
"dateReserved": "2024-11-20T00:00:00.000Z",
"dateUpdated": "2024-12-17T19:29:25.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-54679 (GCVE-0-2024-54679)
Vulnerability from cvelistv5 – Published: 2024-12-05 00:00 – Updated: 2024-12-06 15:02
VLAI
Summary
CyberPanel (aka Cyber Panel) before 6778ad1 does not require the FilemanagerAdmin capability for restartMySQL actions.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-862 - Missing Authorization
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-54679",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T18:45:04.355934Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T18:45:50.025Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CyberPanel (aka Cyber Panel) before 6778ad1 does not require the FilemanagerAdmin capability for restartMySQL actions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:L/C:N/I:N/PR:L/S:U/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T15:02:20.712Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://cyberpanel.net/"
},
{
"url": "https://github.com/usmannasir/cyberpanel/commit/6778ad1eaae41f72365da8fd021f9a60369600dc"
},
{
"url": "https://github.com/hotplugin0x01/CVE-2024-54679"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-54679",
"datePublished": "2024-12-05T00:00:00.000Z",
"dateReserved": "2024-12-05T00:00:00.000Z",
"dateUpdated": "2024-12-06T15:02:20.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51567 (GCVE-0-2024-51567)
Vulnerability from cvelistv5 – Published: 2024-10-29 00:00 – Updated: 2025-10-21 22:55Summary
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected.
Severity
10 (Critical)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
8 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberpanel | cyberpanel |
Affected:
0 , ≤ 5b08cd6
(git)
cpe:2.3:a:cyberpanel:cyberpanel:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cyberpanel:cyberpanel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cyberpanel",
"vendor": "cyberpanel",
"versions": [
{
"lessThanOrEqual": "5b08cd6",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-51567",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T04:55:50.713087Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-07",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-51567"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:37.646Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-51567"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-07T00:00:00.000Z",
"value": "CVE-2024-51567 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T22:43:31.537Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"url": "https://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rce"
},
{
"url": "https://github.com/usmannasir/cyberpanel/commit/5b08cd6d53f4dbc2107ad9f555122ce8b0996515"
},
{
"url": "https://cyberpanel.net/KnowledgeBase/home/change-logs/"
},
{
"url": "https://cwe.mitre.org/data/definitions/420.html"
},
{
"url": "https://cyberpanel.net/blog/detials-and-fix-of-recent-security-issue-and-patch-of-cyberpanel"
},
{
"url": "https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51567",
"datePublished": "2024-10-29T00:00:00.000Z",
"dateReserved": "2024-10-29T00:00:00.000Z",
"dateUpdated": "2025-10-21T22:55:37.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51378 (GCVE-0-2024-51378)
Vulnerability from cvelistv5 – Published: 2024-10-29 00:00 – Updated: 2025-10-21 22:55Summary
getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected.
Severity
10 (Critical)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
8 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyberpanel | cyberpanel |
Affected:
0 , < 2.3.9
(custom)
cpe:2.3:a:cyberpanel:cyberpanel:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cyberpanel:cyberpanel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cyberpanel",
"vendor": "cyberpanel",
"versions": [
{
"lessThan": "2.3.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-51378",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-06T04:55:27.827465Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-12-04",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-51378"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:37.800Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-51378"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-04T00:00:00.000Z",
"value": "CVE-2024-51378 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T23:33:46.320Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"url": "https://github.com/usmannasir/cyberpanel/commit/1c0c6cbcf71abe573da0b5fddfb9603e7477f683"
},
{
"url": "https://refr4g.github.io/posts/cyberpanel-command-injection-vulnerability/"
},
{
"url": "https://cyberpanel.net/KnowledgeBase/home/change-logs/"
},
{
"url": "https://cwe.mitre.org/data/definitions/420.html"
},
{
"url": "https://cyberpanel.net/blog/detials-and-fix-of-recent-security-issue-and-patch-of-cyberpanel"
},
{
"url": "https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51378",
"datePublished": "2024-10-29T00:00:00.000Z",
"dateReserved": "2024-10-28T00:00:00.000Z",
"dateUpdated": "2025-10-21T22:55:37.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51568 (GCVE-0-2024-51568)
Vulnerability from cvelistv5 – Published: 2024-10-29 00:00 – Updated: 2024-10-30 13:44
VLAI
Summary
CyberPanel (aka Cyber Panel) before 2.3.5 allows Command Injection via completePath in the ProcessUtilities.outputExecutioner() sink. There is /filemanager/upload (aka File Manager upload) unauthenticated remote code execution via shell metacharacters.
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| cyber_panel | cyber_panel |
Affected:
0 , < 2.3.5
(custom)
cpe:2.3:a:cyber_panel:cyber_panel:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cyber_panel:cyber_panel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cyber_panel",
"vendor": "cyber_panel",
"versions": [
{
"lessThan": "2.3.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-51568",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:41:00.779651Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T13:44:45.134Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CyberPanel (aka Cyber Panel) before 2.3.5 allows Command Injection via completePath in the ProcessUtilities.outputExecutioner() sink. There is /filemanager/upload (aka File Manager upload) unauthenticated remote code execution via shell metacharacters."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T22:41:08.565Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"url": "https://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rce"
},
{
"url": "https://cyberpanel.net/KnowledgeBase/home/change-logs/"
},
{
"url": "https://cyberpanel.net/blog/cyberpanel-v2-3-5"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51568",
"datePublished": "2024-10-29T00:00:00.000Z",
"dateReserved": "2024-10-29T00:00:00.000Z",
"dateUpdated": "2024-10-30T13:44:45.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13056 (GCVE-0-2019-13056)
Vulnerability from cvelistv5 – Published: 2019-07-02 15:18 – Updated: 2024-08-04 23:41
VLAI
Summary
An issue was discovered in CyberPanel through 1.8.4. On the user edit page, an attacker can edit the administrator's e-mail and password because of the lack of CSRF protection.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://cyberpanel.net/category/news/ | x_refsource_MISC |
| http://packetstormsecurity.com/files/153492/Cyber… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:41:10.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cyberpanel.net/category/news/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153492/CyberPanel-1.8.4-Cross-Site-Request-Forgery.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in CyberPanel through 1.8.4. On the user edit page, an attacker can edit the administrator\u0027s e-mail and password because of the lack of CSRF protection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-02T15:18:53.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cyberpanel.net/category/news/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153492/CyberPanel-1.8.4-Cross-Site-Request-Forgery.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in CyberPanel through 1.8.4. On the user edit page, an attacker can edit the administrator\u0027s e-mail and password because of the lack of CSRF protection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cyberpanel.net/category/news/",
"refsource": "MISC",
"url": "https://cyberpanel.net/category/news/"
},
{
"name": "http://packetstormsecurity.com/files/153492/CyberPanel-1.8.4-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153492/CyberPanel-1.8.4-Cross-Site-Request-Forgery.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13056",
"datePublished": "2019-07-02T15:18:53.000Z",
"dateReserved": "2019-06-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:41:10.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}