CVE-2021-30463

2021-04-0814:15:14

Google

osv.dev

7.2 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.8%

JSON

VestaCP through 0.9.8-24 allows attackers to gain privileges by creating symlinks to files for which they lack permissions. After reading the RKEY value from user.conf under the /usr/local/vesta/data/users/admin directory, the admin password can be changed via a /reset/?action=confirm&user=admin&code= URI. This occurs because chmod is used unsafely.

CPENameOperatorVersion
vestaeq0.9.8-16
vestaeq0.9.8-11
vestaeq0.9.8-17
vestaeq0.9.8-19
vestaeq0.9.8-20
vestaeq0.9.8-12
vestaeq0.9.8-15
vestaeq0.9.8-23
vestaeq0.9.8-18
vestaeq0.9.8-24

Name	Operator	Version
vesta	eq	0.9.8-16
vesta	eq	0.9.8-11
vesta	eq	0.9.8-17
vesta	eq	0.9.8-19
vesta	eq	0.9.8-20
vesta	eq	0.9.8-12
vesta	eq	0.9.8-15
vesta	eq	0.9.8-23
vesta	eq	0.9.8-18
vesta	eq	0.9.8-24