CVE-2023-36458

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jul 5, 2023

Updated: Jul 11, 2023

CWE ID 77

Summary

CVE-2023-36458 is a vulnerability affecting the 1Panel open source Linux server management tool. This issue, discovered before version 1.3.6, allows authenticated attackers to execute command injections by crafting malicious payloads when using the container terminal. The vulnerability poses a significant risk, as it enables attackers to gain unauthorized access and potentially take control of the system. This issue has been remedied in version 1.3.6, which users are strongly encouraged to update to.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r4xDDf
https://www.cve.org/CVERecord?id=CVE-2023-36458
https://nvd.nist.gov/vuln/detail/CVE-2023-36458

Back to Vulnerability Database

CVE-2023-36458

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations