
Erik Smit

#17421 of 53,634
15.4 CVSS total
Vulnerabilities · 2
Medium: 1
High: 1
PT-2009-4022
8.5
2009-05-05
Jbmc · Directadmin · CVE-2009-1525
Name of the Vulnerable Software and Affected Versions: DirectAdmin versions prior to 1.334

Description: The issue allows remote authenticated users to gain privileges via shell metacharacters in the `name` parameter during a restore action. This is related to CMD_DB in JBMC Software.

Recommendations: For versions prior to 1.334, update to version 1.334 or later to resolve the issue. As a temporary workaround, consider restricting access to the restore action to minimize the risk of exploitation. Avoid using shell metacharacters in the `name` parameter until the issue is resolved.
PT-2009-4023
6.9
2009-05-05
Jbmc · Directadmin · CVE-2009-1526
Name of the Vulnerable Software and Affected Versions: JBMC Software DirectAdmin versions prior to 1.334

Description: The issue allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory. This is related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action.

Recommendations: For versions prior to 1.334, update to version 1.334 or later to resolve the issue. As a temporary workaround, consider restricting access to the temporary directory and the CMD_DB script to minimize the risk of exploitation.