CVE-2013-10053

Public Exploit

ZPanel <= 10.0.0.2 htpasswd Module Username Command Execution

Description

A remote command execution vulnerability exists in ZPanel version 10.0.0.2 in its htpasswd module. When creating .htaccess files, the inHTUsername field is passed unsanitized to a system() call that invokes the system’s htpasswd binary. By injecting shell metacharacters into the username field, an authenticated attacker can execute arbitrary system commands. Exploitation requires a valid ZPanel account—such as one in the default Users, Resellers, or Administrators groups—but no elevated privileges.

References

Link	Tags
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/zpanel_username_exec.rb	exploit
https://web.archive.org/web/20130617014355/http://forums.zpanelcp.com/showthread.php?27898-Serious-Remote-Execution-Exploit-in-Zpanel-10-0-0-2
https://github.com/zpanel/zpanelx	product
https://www.vulncheck.com/advisories/zpanel-htpasswd-module-username-command-execution	third party advisory

Frequently Asked Questions

What is the severity of CVE-2013-10053?: CVE-2013-10053 has been scored as a high severity vulnerability.
How to fix CVE-2013-10053?: To fix CVE-2013-10053, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2013-10053 being actively exploited in the wild?: It is possible that CVE-2013-10053 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2013-10053?: CVE-2013-10053 affects ZPanel Project ZPanel.

Description

Category

CWE-78 – Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

References

Frequently Asked Questions