Описание
Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific file paths on the server.
EPSS
Процентиль: 13%
0.00044
Низкий
8.8 High
CVSS3
Дефекты
CWE-73
Связанные уязвимости
CVSS3: 8.8
github
17 дней назад
Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific file paths on the server.
EPSS
Процентиль: 13%
0.00044
Низкий
8.8 High
CVSS3
Дефекты
CWE-73