Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
1Panel arbitrary file write vulnerability exists in the background
Vulnerability Description
1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, an arbitrary file write vulnerability could lead to direct control of the server. In the `api/v1/file.go` file, there is a function called `SaveContentthat,It `recieves JSON data sent by users in the form of a POST request. And the lack of parameter filtering allows for arbitrary file write operations. Version 1.5.0 contains a patch for this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
授权机制缺失
Vulnerability Title
1Panel 安全漏洞
Vulnerability Description
1Panel是中国1panel社区的一个开源的Linux服务器运维管理面板。 1Panel 1.4.3版本存在安全漏洞,该漏洞源于缺乏对参数的过滤。
CVSS Information
N/A
Vulnerability Type
N/A