Michal Biesiada

**Name of the Vulnerable Software and Affected Versions** aaPanel version 7.57.0 **Description** A flaw exists in the VirtualHost configuration handling/parser component that can lead to a Regular Expression Denial of Service (ReDoS) condition. This can be triggered by providing a specially crafted input. **Recommendations** Update to a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** aaPanel version 7.57.0 **Description** An arbitrary file upload issue exists in aaPanel version 7.57.0. This allows attackers to execute arbitrary code by uploading a specially crafted file. The vulnerability involves the ability to upload files without proper validation, potentially leading to code execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.