Security Advisory

CVE-2024-51568

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-29 00:00:00

Last updated 2024-10-30 13:44:45

Assigner mitre

State PUBLISHED

Description

CyberPanel (aka Cyber Panel) before 2.3.5 allows Command Injection via completePath in the ProcessUtilities.outputExecutioner() sink. There is /filemanager/upload (aka File Manager upload) unauthenticated remote code execution via shell metacharacters.

← Browse all CVEs View on cve.org ↗