N/A

WebPros Plesk before 18.0.73.5 and 18.0.74 before 18.0.74.2 on Linux allows remote authenticated users to execute arbitrary code as root via domain creation. The attacker needs "Create and manage sites" with "Domains management" and "Subdomains management."

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-61

WebPros Plesk 安全漏洞

WebPros Plesk是WebPros公司的一个Web托管平台。 WebPros Plesk 18.0.73.5之前版本和18.0.74至18.0.74.2之前版本存在安全漏洞，该漏洞源于域创建功能存在缺陷，可能导致远程代码执行。

N/A

N/A