CVE-2024-51567: upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and...
Description
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected.
Classification
CVE ID: CVE-2024-51567
CVSS Base Severity: CRITICAL
CVSS Base Score: 10.0
CVSS Vector: CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N
Affected Products
Vendor: n/a
Product: n/a
Nuclei Template
http/cves/2024/CVE-2024-51567.yaml
Exploit Prediction Scoring System (EPSS)
EPSS Score: 36.7% (probability of being exploited)
EPSS Percentile: 97.29% (scored less or equal to compared to others)
EPSS Date: 2025-03-06 (when was this score calculated)
References
https://cwe.mitre.org/data/definitions/78.htmlhttps://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rce
https://github.com/usmannasir/cyberpanel/commit/5b08cd6d53f4dbc2107ad9f555122ce8b0996515
https://cyberpanel.net/KnowledgeBase/home/change-logs/
https://cwe.mitre.org/data/definitions/420.html
https://cyberpanel.net/blog/detials-and-fix-of-recent-security-issue-and-patch-of-cyberpanel
https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/