CVE-2024-51378

Known Exploited Public Exploit

Description

getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected.

References

Link	Tags
https://cwe.mitre.org/data/definitions/78.html	technical description
https://github.com/usmannasir/cyberpanel/commit/1c0c6cbcf71abe573da0b5fddfb9603e7477f683	patch
https://refr4g.github.io/posts/cyberpanel-command-injection-vulnerability/	exploit
https://cyberpanel.net/KnowledgeBase/home/change-logs/	release notes
https://cwe.mitre.org/data/definitions/420.html	technical description
https://cyberpanel.net/blog/detials-and-fix-of-recent-security-issue-and-patch-of-cyberpanel	product
https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/	press/media coverage exploit

Frequently Asked Questions

What is the severity of CVE-2024-51378?: CVE-2024-51378 has been scored as a critical severity vulnerability.
How to fix CVE-2024-51378?: To fix CVE-2024-51378, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-51378 being actively exploited in the wild?: It is confirmed that CVE-2024-51378 is actively exploited. Be extra cautious if you are using vulnerable components. According to its EPSS score, there is a ~94% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Categories

CWE-78 – Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-276 – Incorrect Default Permissions

References

Frequently Asked Questions