4 matches found
The vulnerability of the getresetstatus function in the CyberPanel web hosting control panel allows a hacker to execute arbitrary commands.
The vulnerability of the getresetstatus function in the CyberPanel web hosting control panel’s views.py and ftp.views.py files is related to the improper use of standard permissions. Exploiting this vulnerability could allow an attacker to execute arbitrary commands...
CVE-2024-51378
CyberPanel CVE-2024-51378 is an unauthenticated remote code execution affecting CyberPanel before patch 1c0c6cb (versions through 2.3.6 and unpatched 2.3.7). The vulnerability lies in getresetstatus endpoints at /dns/getresetstatus and /ftp/getresetstatus, where an attacker can bypass secMiddlewa...
CyberPanel 安全漏洞
CyberPanel is a web hosting control panel with built-in DNS and email servers by Usman Nasir, an individual developer. CyberPanel has a security vulnerability that originates from getresetstatus in dns/views.py that allows remote attackers to bypass authentication and execute arbitrary commands v...
CVE-2024-51378
getresetstatus in dns/views.py and ftp/views.py in CyberPanel aka Cyber Panel before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware which is only for a POST request and using shell...