Podatność CVE-2023-46157
Publikacja: 2023-12-08   Modyfikacja: 2023-12-14

Opis:
File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755.

Typ:

CWE-78

 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') )

Affected software
Mgt-commerce -> Cloudpanel 

 Referencje:
https://www.cloudpanel.io/docs/v2/changelog/
https://www.mgt-commerce.com/docs/mgt-cloudpanel/dashboard
Copyright 2024, cxsecurity.com

 

Back to Top