CVE-2023-39964
Published 2023-08-10
Priority: P2 (78) · Severity: high · CVSS 3.1 base score: 7.5 (vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
In the wild: VulnCheck KEV (exploited in the wild)
EPSS: 0.82% (52.6th percentile)
1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, arbitrary file reads allow an attacker to read arbitrary important configuration files on the server. In the `api/v1/file.go` file, there is a function called `LoadFromFile`, which directly reads the file by obtaining the requested path `parameter[path]`. The request parameters are not filtered, resulting in a background arbitrary file reading vulnerability. Version 1.5.0 has a patch for this issue.
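The description above says `LoadFromFile` hands the request-supplied `path` straight to the filesystem. The hardened pattern, as an added Go example (not 1Panel's code; the base directory, the function names and `ErrOutsideBase` are assumptions): the request path is confined to a fixed base directory, and containment is re-checked after symlinks are resolved, since a link inside the base can still point outside it.

```go
package main

import (
	"errors"
	"os"
	"path/filepath"
	"strings"
)

// ErrOutsideBase is returned when a request path would escape the allowed directory.
var ErrOutsideBase = errors.New("requested path escapes the allowed directory")
// insideBase reports whether candidate lies at or below base (both cleaned paths).
func insideBase(base, candidate string) bool {
	rel, err := filepath.Rel(base, candidate)
	return err == nil && rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

// resolveWithinBase refuses absolute request paths, joins the request onto the base
// directory (Join also cleans ".." segments) and checks the result still lies inside it.
func resolveWithinBase(base, requested string) (string, error) {
	if filepath.IsAbs(requested) {
		return "", ErrOutsideBase
	}
	candidate := filepath.Join(base, requested)
	if !insideBase(base, candidate) {
		return "", ErrOutsideBase
	}
	return candidate, nil
}

// safeLoad reads only files that resolve inside base. A symlink inside base can
// still point outside it, so containment is re-checked on symlink-resolved paths.
func safeLoad(base, requested string) ([]byte, error) {
	p, err := resolveWithinBase(base, requested)
	if err != nil {
		return nil, err
	}
	realBase, err := filepath.EvalSymlinks(base)
	if err != nil {
		return nil, err
	}
	realPath, err := filepath.EvalSymlinks(p)
	if err != nil {
		return nil, err
	}
	if !insideBase(realBase, realPath) {
		return nil, ErrOutsideBase
	}
	return os.ReadFile(realPath)
}
```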
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 1panel-dev | 1panel | — | — |
| fit2cloud | 1panel | — | — |
| github.com | 1panel-dev_1panel | >= 1.4.3 < 1.5.0 | 1.5.0 |
CVSS provenance
- NVD (v3.1): 7.5 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- VulnCheck: 7.5 HIGH
OSV
osv · 2024-08-21 · CVE-2023-39964: 1Panel O&M management panel has a background arbitrary file reading vulnerability in github.com/1Panel-dev/1Panel
GHSA
ghsa · 2023-08-10 · CVE-2023-39964 [HIGH] CWE-22: 1Panel O&M management panel has a background arbitrary file reading vulnerability
### Summary
Arbitrary file reads allow an attacker to read arbitrary important configuration files on the server.
### Details
In the api/v1/file.go file, there is a function called LoadFromFile, which directly reads the file by obtaining the requested path parameter[path]. The request parameters are not filtered, resulting in a background arbitrary file reading vulnerability.
### PoC
Request /api/v1/files/loadfile, carry /etc/passwd data to read, as shown below:
### Impact
1Panel v1.4.3
OSV
osv · 2023-08-10 · CVE-2023-39964 [HIGH]: 1Panel O&M management panel has a background arbitrary file reading vulnerability (same Summary, Details, PoC and Impact text as the GHSA entry above)
VulnCheck
vulncheck · 2023 · CVSS 7.5 · CVE-2023-39964 [HIGH]: fit2cloud 1panel Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Affected: fit2cloud 1panel
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation R
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.