CVE-2024-53584
published 2025-01-31CVE-2024-53584: OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter.
PriorityP274critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
4.11%
89.5th percentile
OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| openpanel | openpanel | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect OS command injection attempts against the OpenPanel timezone endpoint by inspecting POST body to /server/timezone for shell metacharacters (e.g., semicolons, pipes, backticks) within the 'timezone' parameter. ↗
- →Monitor POST requests to /server/timezone on port 2083 (OpenPanel default) for anomalous timezone values that do not match standard IANA timezone strings. ↗
- →Alert on Content-Type: application/x-www-form-urlencoded POST requests to /server/timezone where the body contains URL-encoded shell command separators such as %3B (;) or command strings like 'cat', 'shadow', or redirection operators. ↗
- ·The exploit was tested against OpenPanel v0.3.4 specifically; other versions may or may not be vulnerable. Confirm version before applying detections. ↗
- ·The exploit was tested on macOS; behavior on Linux-based production deployments of OpenPanel may differ slightly in command execution context. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
2025-01-31
Published