Av01T3X

**Name of the Vulnerable Software and Affected Versions** 1Panel versions 1.10.33 through 2.0.15 **Description** 1Panel versions 1.10.33 through 2.0.15 are affected by a cross-site request forgery (CSRF) issue in the Change Username functionality, accessible through the settings panel at the `/settings/panel` endpoint. The endpoint lacks CSRF protections, such as anti-CSRF tokens or Origin/Referer validation. An attacker can create a malicious webpage that submits a request to change a user's username. If a logged-in user visits this page, their browser sends valid session cookies, allowing the attacker to successfully change the username without the user's knowledge. This can lead to account lockout and denial of service, as the user will be unable to log in with their previous username after the change. **Recommendations** 1Panel versions 1.10.33 through 2.0.15 should be updated to a version that includes CSRF protections for the Change Username functionality. As a temporary workaround, consider restricting access to the `/settings/panel` endpoint to trusted networks or users.

**Name of the Vulnerable Software and Affected Versions** 1Panel versions 1.10.33 through 2.0.15 **Description** The software contains a cross-site request forgery (CSRF) issue in the web port configuration functionality. The `port-change` endpoint does not have CSRF protections, such as anti-CSRF tokens or Origin/Referer validation. An attacker can create a malicious webpage that submits a port-change request. If a user visits this webpage while logged in, their browser sends valid session cookies, allowing the request to succeed. This enables an attacker to modify the port the 1Panel web service uses, potentially disrupting service or causing a denial of service, and possibly exposing the service on a port selected by the attacker. **Recommendations** Update 1Panel to a version later than 2.0.15.

**Name of the Vulnerable Software and Affected Versions** 1Panel versions 1.10.33 through 2.0.15 **Description** 1Panel is affected by a cross-site request forgery (CSRF) issue in the panel name management functionality. The affected functionality lacks CSRF protections, such as anti-CSRF tokens or Origin/Referer validation. An attacker can create a malicious webpage that submits a panel-name change request. If a user visits this page while logged in, their browser will include valid session cookies, allowing the request to succeed. This enables a remote attacker to modify the user’s panel name without their knowledge or consent. The vulnerable endpoint does not have sufficient CSRF defenses. **Recommendations** Update 1Panel to a version later than 2.0.15. Update 1Panel to a version later than 1.10.33.