Description

CyberPanel contains an authentication bypass vulnerability that could allow an unauthenticated attacker to access restricted functionality and exploit RCE vulnerabilities to compromise the system.

Remediation

Upgrade to the latest version of CyberPanel.

References

What Are My OPTIONS? CyberPanel v2.3.6 pre-auth RCE

Details and fix of recent security issue and patch of CyberPanel

Related Vulnerabilities

Dolibarr Improper Privilege Management Vulnerability (CVE-2020-14201)

Oracle JRE CVE-2013-1571 Vulnerability (CVE-2013-1571)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6335)

Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2020-27223)

Apache Tomcat Improper Authentication Vulnerability (CVE-2012-5887)

Severity

Critical

Classification

CVE-2024-51567 CVE-2024-51568 CVE-2024-51378 CWE-306 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Tags

Known Vulnerabilities Code Execution Authentication Bypass