CVE-2024-39907

1Panel is a web-based linux server management control panel. There are many sql injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. These sql injections have been resolved in version 1.10.12-tls. Users are advised to upgrade. There are no known workarounds for these issues.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-5grx-v727-qmq6	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:fit2cloud:1panel:*:*:*:*:*:*:*:*

History

10 Sep 2024, 19:07

Type	Values Removed	Values Added
First Time		Fit2cloud Fit2cloud 1panel
References	~~() https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-5grx-v727-qmq6 -~~	() https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-5grx-v727-qmq6 - Exploit, Third Party Advisory
CPE		cpe:2.3:a:fit2cloud:1panel::::::::

19 Jul 2024, 13:01

Type	Values Removed	Values Added
Summary		(es) 1Panel es un panel de control de gestión de servidores Linux basado en web. Hay muchas inyecciones de SQL en el proyecto y algunas de ellas no están bien filtradas, lo que provoca escrituras de archivos arbitrarias y, en última instancia, conduce a RCE. Estas inyecciones de SQL se resolvieron en la versión 1.10.12-tls. Se recomienda a los usuarios que actualicen. No se conocen workarounds para estos problemas.

18 Jul 2024, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-07-18 16:15

Updated : 2024-09-10 19:07

NVD link : CVE-2024-39907

Mitre link : CVE-2024-39907

CVE.ORG link : CVE-2024-39907

JSON object : View

Products Affected

fit2cloud

1panel

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

{"id": "CVE-2024-39907", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-07-18T16:15:07.293", "references": [{"url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-5grx-v727-qmq6", "tags": ["Exploit", "Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "1Panel is a web-based linux server management control panel. There are many sql injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. These sql injections have been resolved in version 1.10.12-tls. Users are advised to upgrade. There are no known workarounds for these issues."}, {"lang": "es", "value": "1Panel es un panel de control de gesti\u00f3n de servidores Linux basado en web. Hay muchas inyecciones de SQL en el proyecto y algunas de ellas no est\u00e1n bien filtradas, lo que provoca escrituras de archivos arbitrarias y, en \u00faltima instancia, conduce a RCE. Estas inyecciones de SQL se resolvieron en la versi\u00f3n 1.10.12-tls. Se recomienda a los usuarios que actualicen. No se conocen workarounds para estos problemas."}], "lastModified": "2024-09-10T19:07:23.370", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fit2cloud:1panel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4985775A-3A3F-4416-A9E4-356E21E034A4", "versionEndExcluding": "1.10.12-lts", "versionStartIncluding": "1.10.9-lts"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}