
Farpha

Researcher from Datack Sdn Bhd
#22699 of 53,622
10 Total CVSS
Vulnerabilities · 1
PT-2023-3996
10
2023-06-01
Unknown · Cloudpanel · CVE-2023-35885
**Name of the Vulnerable Software and Affected Versions**

- CloudPanel versions 2.0.0 through 2.3.0
- CloudPanel version 2.3.0

**Description**

The issue is related to insufficient access control in the File Manager component of CloudPanel, specifically when handling `clp-fm` cookie files without verifying their authenticity and integrity. This can allow a remote attacker to gain unauthorized access to protected information and elevate their privileges.

**Recommendations**

For CloudPanel versions 2.0.0 through 2.3.0, update to version 2.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the File Manager component until a patch is applied.