CVE-2024-51567
CVE-2024-51567
In short
CyberPanel has a critical flaw where attackers can skip authentication checks and run dangerous commands on the server by sending requests to a specific URL. This happens because the security check only works for certain types of requests, leaving a gap that allows attackers to take full control.
Technical detail
The upgrademysqlstatus endpoint in databases/views.py lacks proper authentication enforcement due to secMiddleware only validating POST requests, enabling attackers to bypass authentication via GET/other methods and inject arbitrary shell commands through the statusfile parameter. Successful exploitation grants unauthenticated remote code execution with server-level privileges.
Summary generated and translated by AI from the official description.
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected.
CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N
Affected products
n/a · n/apublic PoCs found — 2
githubgithub.com/ajayalf/CVE-2024-51567★ 5githubgithub.com/thehash007/CVE-2024-51567-RCE-EXPLOIT★ 1⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://cwe.mitre.org/data/definitions/420.htmlhttps://cwe.mitre.org/data/definitions/78.htmlhttps://cyberpanel.net/blog/detials-and-fix-of-recent-security-issue-and-patch-of-cyberpanelhttps://cyberpanel.net/KnowledgeBase/home/change-logs/https://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rcehttps://github.com/usmannasir/cyberpanel/commit/5b08cd6d53f4dbc2107ad9f555122ce8b0996515https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-51567