exploitDog

CVE-2023-46157

Опубликовано: 08 дек. 2023

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755.

Ссылки

https://www.cloudpanel.io/docs/v2/changelog/
Release Notes
https://www.mgt-commerce.com/docs/mgt-cloudpanel/dashboard
Product
https://www.cloudpanel.io/docs/v2/changelog/
Release Notes
https://www.mgt-commerce.com/docs/mgt-cloudpanel/dashboard
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mgt-commerce:cloudpanel:*:*:*:*:*:*:*:*

Версия от 2.0.0 (включая) до 2.3.2 (включая)

EPSS

Процентиль: 69%

0.00618

Низкий

8.8 High

CVSS3

Дефекты

CWE-78

Связанные уязвимости

GHSA-3g99-8x6v-6hch

CVSS3: 8.8

github

около 2 лет назад

File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755.

EPSS

Процентиль: 69%

0.00618

Низкий

8.8 High

CVSS3

Дефекты

CWE-78