4 matches found
Remote Code Execution (RCE)
github.com/1panel-dev/1panel is vulnerable to Remote Code Execution RCE. The vulnerability is due to incomplete certificate verification during HTTPS communication between the Core and Agent endpoints, which allows an attacker to gain unauthorized access and execute commands with high privileges...
Arbitrary Command Injection
Overview Affected versions of this package are vulnerable to Arbitrary Command Injection due to incomplete certificate verification during HTTPS communication between Core and Agent endpoints. An attacker can execute arbitrary commands with high privileges by bypassing authentication and accessin...
PT-2025-31703 · 1Panel · 1Panel
Name of the Vulnerable Software and Affected Versions: 1Panel versions 2.0.5 and below Description: 1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. The HTTPS protocol used for communication between the Core and Agent...
Security Bulletin: Vulnerabilities in Apache HttpComponents affect IBM InfoSphere Information Server (CVE-2012-6153 CVE-2014-3577)
Summary Apache HttpComponents vulnerabilities while verifying certificates was addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2012-6153 DESCRIPTION: Apache HttpComponents could allow a remote attacker to conduct spoofing attacks, caused by an incomplete fix relat...