Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ZPanel zsudo Local Privilege Escalation
Vulnerability Description
ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation for administrative tasks. However, when misconfigured in /etc/sudoers, zsudo can be invoked by low-privileged users to execute arbitrary commands as root. This flaw enables local attackers with shell access to escalate privileges by writing a payload to a writable directory and executing it via zsudo. The vulnerability is particularly impactful in post-exploitation scenarios following web server compromise, where the attacker inherits access to zsudo.
CVSS Information
N/A
Vulnerability Type
特权管理不恰当
Vulnerability Title
zpanelx 安全漏洞
Vulnerability Description
zpanelx是The ZPanel Project开源的一个web托管控制面板。 zpanelx存在安全漏洞,该漏洞源于zsudo配置不当,可能导致本地攻击者通过写入有效载荷并执行来提升权限。
CVSS Information
N/A
Vulnerability Type
N/A