Описание
aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a modified /system?action=ServiceAdmin request (start, stop, or restart) to the setting menu of Sotfware Store.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.6.6 (включая)
cpe:2.3:a:aapanel:aapanel:*:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02684
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a modified /system?action=ServiceAdmin request (start, stop, or restart) to the setting menu of Sotfware Store.
EPSS
Процентиль: 85%
0.02684
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-78