CVE-2024-51567
high-risk
Published 2024-10-29
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected.
Do I need to act?
!
94.3% chance of exploitation in next 30 days
EPSS score — higher than 6% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
+
Fix available
Upgrade to: 5b08cd6d53f4dbc2107ad9f555122ce8b0996515
10
CVSS 10.0/10
Critical
NETWORK
/ LOW complexity
Affected Products (1)
Affected Vendors
References (8)
Technical Description
https://cwe.mitre.org/data/definitions/420.html
Technical Description
https://cwe.mitre.org/data/definitions/78.html
Release Notes
https://cyberpanel.net/KnowledgeBase/home/change-logs/
Press/Media Coverage
https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-t...
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-...
65
/ 100
high-risk
Severity
33/34 · Critical
Exploitability
27/34 · High
Exposure
5/34 · Minimal