Lucene search
MitreCVE-2022-48079HistoryFeb 02, 2023 - 9:22 p.m.
CVE-2022-48079
2023-02-0221:22:45
mitre
web.nvd.nist.gov
21
monnai aapanel
v1.5
access control issue
privilege escalation
arbitrary code execution
php file upload
cve-2022-48079
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.003
Percentile
71.1%
Monnai aaPanel host system v1.5 contains an access control issue which allows attackers to escalate privileges and execute arbitrary code via uploading a crafted PHP file to the virtual host directory of the system.
Affected configurations
Node
mengnaiaapanel_host_systemMatch1.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mengnai | aapanel_host_system | 1.5 | cpe:2.3:a:mengnai:aapanel_host_system:1.5:*:*:*:*:*:*:* |
References
Related
nvd
nvd
CVE-2022-48079
2023-02-02 21:22:45
prion
prion
Improper access control
2023-02-02 21:22:00
cvelist
cvelist
CVE-2022-48079
2023-02-02 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.003
Percentile
71.1%
Related for CVE-2022-48079