exploitDog

GHSA-pchx-mwqh-wxv5

Опубликовано: 10 сент. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to execute arbitrary commands via the operation parameter to the /api/v2/hosts/ssh/operate endpoint.

OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to execute arbitrary commands via the operation parameter to the /api/v2/hosts/ssh/operate endpoint.

Ссылки

EPSS

Процентиль: 55%

0.00329

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2025-56413

CVSS3: 8.8

nvd

5 месяцев назад

OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to execute arbitrary commands via the operation parameter to the /api/v2/hosts/ssh/operate endpoint.

EPSS

Процентиль: 55%

0.00329

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-78