Description

CyberPanel contains an authentication bypass vulnerability that could allow an unauthenticated attacker to access restricted functionality and exploit RCE vulnerabilities to compromise the system.

Remediation

Upgrade to the latest version of CyberPanel.

References

What Are My OPTIONS? CyberPanel v2.3.6 pre-auth RCE

Details and fix of recent security issue and patch of CyberPanel

Related Vulnerabilities

Oracle Application Server CVE-2006-5364 Vulnerability (CVE-2006-5364)

MySQL CVE-2012-0101 Vulnerability (CVE-2012-0101)

Moodle Improper Input Validation Vulnerability (CVE-2012-0801)

Plone CMS CVE-2017-1000483 Vulnerability (CVE-2017-1000483)

Python Off-by-one Error Vulnerability (CVE-2007-2052)

Severity

Critical

Classification

CVE-2024-51567 CVE-2024-51568 CVE-2024-51378 CWE-306 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Tags

Known Vulnerabilities Code Execution Authentication Bypass