Описание
Monnai aaPanel host system v1.5 contains an access control issue which allows attackers to escalate privileges and execute arbitrary code via uploading a crafted PHP file to the virtual host directory of the system.
Ссылки
- Vendor Advisory
- ExploitThird Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:mengnai:aapanel_host_system:1.5:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00859
Низкий
9.8 Critical
CVSS3
Дефекты
NVD-CWE-Other
CWE-434
Связанные уязвимости
CVSS3: 9.8
github
около 3 лет назад
Monnai aaPanel host system v1.5 contains an access control issue which allows attackers to escalate privileges and execute arbitrary code via uploading a crafted PHP file to the virtual host directory of the system.
EPSS
Процентиль: 75%
0.00859
Низкий
9.8 Critical
CVSS3
Дефекты
NVD-CWE-Other
CWE-434