Vestacp · Vesta Control Panel · CVE-2019-9859
**Name of the Vulnerable Software and Affected Versions**
Vesta Control Panel (VestaCP) versions 0.9.7 through 0.9.8-23
**Description**
The issue concerns an authenticated command execution that can result in remote root access on the server. VestaCP uses PHP as the frontend language and shell scripts to execute system actions, with PHP executing shell scripts through the `exec` function. This function can be dangerous if arguments passed to it are not filtered. Although VestaCP filters user input with the `escapeshellarg` function, which adds single quotes around a string and quotes/escapes any existing single quotes, it uses this function incorrectly in several places.
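The hardened form of the PHP-to-shell boundary described above, as an added example that is not VestaCP's own code: every argument is validated and then passed through `escapeshellarg` individually, and the script name is taken from an allow-list. The script path, the `add-domain` key and the `buildCommand` helper are hypothetical placeholders.

```php
<?php
// Added example, not VestaCP's code. Allow-list of scripts the web layer may
// call, keyed by a short name. The path is a hypothetical placeholder.
const ALLOWED_SCRIPTS = [
    'add-domain' => '/path/to/vesta/bin/v-example-script',
];

/**
 * Build a command line with every argument escaped on its own.
 * Returns null when the script is not allow-listed or an argument fails its
 * format check, so nothing reaches exec() in that case.
 */
function buildCommand(string $script, array $args): ?string
{
    if (!isset(ALLOWED_SCRIPTS[$script])) {
        return null;
    }
    $parts = [ALLOWED_SCRIPTS[$script]];
    foreach ($args as $arg) {
        // Validate before escaping: a hostname or user name never needs shell
        // metacharacters, so reject them instead of relying on quoting alone.
        if (!is_string($arg) || !preg_match('/^[A-Za-z0-9._-]{1,253}$/', $arg)) {
            return null;
        }
        // escapeshellarg() wraps the value in single quotes and rewrites any
        // embedded single quote as '\'' so the shell sees exactly one argument.
        // It is applied to each argument, never to an already assembled string.
        $parts[] = escapeshellarg($arg);
    }
    // Join once. Do not wrap the result in a second quoting layer such as
    // sh -c '...', because that layer re-parses the quotes escapeshellarg added.
    return implode(' ', $parts);
}

// Constructed hostile input: tries to close the quoting and append a command.
// It fails the format check, so buildCommand() returns null and exec() is skipped.
$hostile = "example.com'; id; '";
$rejected = buildCommand('add-domain', ['admin', $hostile]);

// Benign input yields the script path followed by one quoted token per argument.
$cmd = buildCommand('add-domain', ['admin', 'example.com']);
if ($cmd !== null) {
    exec($cmd, $output, $status);
}
```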
**Recommendations**
For Vesta Control Panel (VestaCP) versions 0.9.7 through 0.9.8-23, consider disabling PHP's `exec` function until a patch is available, to prevent exploitation.
Restrict access to shell scripts to minimize the risk of exploitation.
Avoid using user input as arguments for the `exec` function until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.