
CVSS: 9.0 • EPSS: 0% • CPEs: 1 • EXPL: 0

14 Jun 2024 — Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function. • https://datack.my/cloudpanel-v2-0-0-v2-4-0-authenticated-user-session-hijacking-cve-2024-24320 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVSS: 9.0 • EPSS: 0% • CPEs: 1 • EXPL: 0

08 Dec 2023 — File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755. • https://www.cloudpanel.io/docs/v2/changelog • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVSS: 9.0 • EPSS: 0% • CPEs: 1 • EXPL: 1

25 Jun 2023 — In CloudPanel before 2.3.1, insecure file upload leads to privilege escalation and authentication bypass. • https://github.com/yunaranyancat/poc-dump/blob/main/cloudpanel/README.md • CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 10.0 • EPSS: 51% • CPEs: 1 • EXPL: 3

20 Jun 2023 — CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication. • https://github.com/datackmy/FallingSkies-CVE-2023-35885 • CWE-565: Reliance on Cookies without Validation and Integrity Checking

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 4

06 Jun 2023 — CloudPanel v2.2.2 allows attackers to execute a path traversal. CloudPanel versions 2.0.0 through 2.2.2 suffer from a privilege escalation vulnerability when a traversal is leveraged against clpctlWrapper for which all normal users have sudo access. • https://packetstorm.news/files/id/172768 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 8.1 • EPSS: 0% • CPEs: 1 • EXPL: 2

21 Mar 2023 — MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the administrative interface, shared across every installation of CloudPanel. This behavior was observed in version 2.2.0. There has been no indication from the vendor this has been addressed in version 2.2.1. • https://www.bleepingcomputer.com/news/security/cloudpanel-installations-use-the-same-ssl-certificate-private-key • CWE-321: Use of Hard-coded Cryptographic Key • CWE-798: Use of Hard-coded Credentials