CVE-2024-51378 - CyberPanel Incorrect Default Permissions Vulnerability

CVE-2024-51378: CyberPersons | CyberPanel

Date Added:
2024-12-04

Due Date:
2024-12-25

Vulnerability Name: CyberPanel Incorrect Default Permissions Vulnerability

Description: CyberPanel contains an incorrect default permissions vulnerability that allows for authentication bypass and the execution of arbitrary commands using shell metacharacters in the statusfile property.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://cyberpanel.net/KnowledgeBase/home/change-logs/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-51378

Free security scan for your website

Don't show website scan report rating on the leaderboard