CVE-2025-66508

1Panel is an open-source, web-based control panel for Linux server management. Versions 2.0.14 and below use Gin's default configuration which trusts all IP addresses as proxies TrustedProxies = 0.0.0.0/0, allowing any client to spoof the X-Forwarded-For header. Since all IP-based access controls...

The vulnerability of the 1Panel Linux server control panel, related to the lack of security measures for SQL query structures, allows attackers to gain unauthorized access to protected information and execute arbitrary code.

The vulnerability of the 1Panel Linux server’s control panel is related to the lack of measures taken to protect the SQL query structure when processing the orderBy parameter. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected information and execute arbitra...

1Panel 命令注入漏洞

1Panel is an open source Linux server operations and management panel for the Chinese 1panel community. A command injection vulnerability exists in versions prior to 1Panel v1.10.3-lts. The vulnerability stems from the presence of a command injection issue that can lead to arbitrary file writing...

1Panel Security Vulnerability

1Panel is an open source Linux server O&M panel for the Chinese 1panel community. A security vulnerability exists in 1Panel version 1.4.3. An attacker can exploit the vulnerability to download arbitrary files through the API interface...

1Panel Security Vulnerability

1Panel is an open source Linux server operations and management panel for the Chinese 1panel community. A security vulnerability exists in 1Panel version 1.4.3, which stems from a lack of parameter filtering...