Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

CVE-2026-34234— CtrlPanel: Unauthenticated RCE using installer script

CVSS 10.0 · Critical EPSS 0.20% · P42

Affected Version Matrix 1

VendorProductVersion RangeStatus
Ctrlpanel-ggpanel< 1.2.0affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-34234

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
CtrlPanel: Unauthenticated RCE using installer script
Source: NVD (National Vulnerability Database)
Vulnerability Description
CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, the web-based installer (public/installer/index.php) is vulnerable to unauthenticated Remote Code Execution (RCE) because it performs the install.lock check only after including and executing form handler files, leaving installer endpoints reachable on already-installed instances. The handlers also pass unsanitized user input directly into shell commands, allowing an attacker to submit crafted requests that execute arbitrary commands on the server. The vulnerability stems from two combined weaknesses: (1) premature form handler execution before the lock file gate, and (2) unsafe use of user input in shell command construction. This issue is reported to be actively exploited in the wild. The issue has been fixed in version 1.2.0.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Source: NVD (National Vulnerability Database)
Vulnerability Title
CtrlPanel.gg 操作系统命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
CtrlPanel.gg是CtrlPanel.gg开源的一款主机服务计费管理工具。 CtrlPanel.gg 1.1.1及之前版本存在操作系统命令注入漏洞,该漏洞源于Web安装程序在包含并执行表单处理文件后才进行install.lock检查,且未对用户输入进行清理直接传递给shell命令,可能导致未经身份验证的远程代码执行。以下版本受到影响:1.1.1及之前版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Ctrlpanel-ggpanel < 1.2.0 -

II. Public POCs for CVE-2026-34234

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium
Qwen3.6-35B-A3B · 10238 chars
Paid plan includes:
In-depth vulnerability mechanism
Trigger conditions & impact
Full executable POC code
Exploit chain & mitigation
POC zip download
100+ AI POC generations per month

III. Intelligence Information for CVE-2026-34234

登录查看更多情报信息。

Same Patch Batch · Ctrlpanel-gg · 2026-05-19 · 6 CVEs total

CVE-2026-342418.7 HIGHCtrlPanel: Stored XSS in Ticket Reply Notifications Allows Session Hijacking
CVE-2026-343588.1 HIGHCtrlPanel: Missing Authorization on Admin Write Endpoints Allows RBAC Bypass
CVE-2026-342166.6 MEDIUMCtrlPanel: Authenticated Remote Code Execution via Dynamic Class Instantiation in Settings
CVE-2026-342336.5 MEDIUMCtrlPanel has Missing Authentication Checks in Datatable Admin Endpoints
CVE-2026-342464.8 MEDIUMCtrlPanel: Stored XSS in Admin Role Management via Unescaped DataTable HTML Output

IV. Related Vulnerabilities

Same product: panel
Same vendor: Ctrlpanel-gg
Same weakness: CWE-78

V. Comments for CVE-2026-34234

No comments yet

Leave a comment