Unknown · Cyberpanel · CVE-2024-51378
**Name of the Vulnerable Software and Affected Versions**
CyberPanel versions prior to 1c0c6cb
CyberPanel versions through 2.3.6
CyberPanel version 2.3.7
**Description**
The issue stems from incorrect default permissions in CyberPanel: remote attackers can bypass authentication and execute arbitrary commands via `/dns/getresetstatus` or `/ftp/getresetstatus` by bypassing secMiddleware and supplying shell metacharacters in the `statusfile` property. The vulnerability has been exploited in the wild; over 880K services were found to be vulnerable, and an estimated 22k+ servers have been targeted in a large-scale ransomware attack.
**Recommendations**
For CyberPanel versions prior to 1c0c6cb, update to a version after 1c0c6cb to resolve the issue.
For CyberPanel versions through 2.3.6, update to a version after 2.3.6 to resolve the issue.
For CyberPanel version 2.3.7, apply the necessary patches or updates to resolve the issue.
As a temporary workaround, consider disabling the `getresetstatus` function in `dns/views.py` and `ftp/views.py` until a patch is available.
Restrict access to the vulnerable endpoints `/dns/getresetstatus` and `/ftp/getresetstatus` to minimize the risk of exploitation.
Avoid using the `statusfile` property in the affected API endpoints until the issue is resolved.
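The following is an added defender-side example and not CyberPanel's own code. It illustrates the two controls this advisory points at: a strict check on the user-supplied `statusfile` value (reject anything but a plain file name, confine it to one directory, and read it without ever invoking a shell), and a small scan over web-server access logs that flags any request to the two affected endpoints and marks those whose `statusfile` parameter carries shell metacharacters. The status directory, the helper names, and the log lines are all constructed assumptions for this example; in particular, the scan assumes `statusfile` is visible in the query string, so a value sent in a POST body would not appear in an access log, which is why every hit on these endpoints from an unexpected source is reported, not only the ones with metacharacters.

```python
"""Added example for CVE-2024-51378 (not CyberPanel's own code).

validate_statusfile()/read_status(): the input check and shell-free read a
`getresetstatus`-style handler should apply to `statusfile`.
find_suspicious_requests(): flag access-log requests to the affected endpoints.
"""
import re
from pathlib import Path
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Hypothetical directory that holds legitimate status files (assumption, not a CyberPanel path).
STATUS_DIR = Path("/var/lib/example-status")

# Characters with meaning to a shell; none belong in a status file name.
SHELL_META = re.compile(r"[;&|`$(){}<>\n\\'\"* ]")

# A plain file name only: no slashes, so no directory traversal.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_.-]{1,64}$")

# The two endpoints named in the advisory.
AFFECTED_PATHS = ("/dns/getresetstatus", "/ftp/getresetstatus")


def validate_statusfile(value: str, base_dir: Path = STATUS_DIR) -> Optional[Path]:
    """Return the absolute path of `value` inside base_dir, or None if it is unacceptable."""
    if not value or value in (".", "..") or not SAFE_NAME.fullmatch(value):
        return None
    candidate = (base_dir / value).resolve()
    # resolve() follows symlinks, so re-check that the final path is still under base_dir.
    if base_dir.resolve() not in candidate.parents:
        return None
    return candidate


def read_status(value: str, base_dir: Path = STATUS_DIR) -> Optional[str]:
    """Read a validated status file directly; no shell is ever involved."""
    path = validate_statusfile(value, base_dir)
    if path is None:
        return None
    try:
        return path.read_text(encoding="utf-8", errors="replace")
    except OSError:
        return None


# Combined-log-format access log lines, constructed for this example.
SAMPLE_LOG = """\
203.0.113.5 - - [01/Nov/2024:10:00:01 +0000] "GET /dns/getresetstatus?statusfile=status.txt HTTP/1.1" 200 12 "-" "Mozilla/5.0"
203.0.113.5 - - [01/Nov/2024:10:00:02 +0000] "GET /ftp/getresetstatus?statusfile=a%3Bb HTTP/1.1" 200 55 "-" "curl/8.0"
198.51.100.7 - - [01/Nov/2024:10:00:03 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def find_suspicious_requests(log_text: str) -> list:
    """Return one record per request to an affected endpoint.

    `metachars` is True when the decoded `statusfile` query value contains a
    shell metacharacter; requests whose parameter travels in a POST body are
    still reported, just with metachars=False, since the body is not logged.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m["target"])
        if parts.path not in AFFECTED_PATHS:
            continue
        values = parse_qs(parts.query).get("statusfile", [])  # parse_qs percent-decodes
        hits.append({
            "ip": m["ip"],
            "time": m["ts"],
            "method": m["method"],
            "path": parts.path,
            "metachars": any(SHELL_META.search(v) for v in values),
        })
    return hits


if __name__ == "__main__":
    for hit in find_suspicious_requests(SAMPLE_LOG):
        print(hit)
```

Run against a real access log by passing its contents to `find_suspicious_requests`; on a patched host, any remaining hit on these endpoints from outside the management network is still worth reviewing, since the advisory's workaround is to restrict reachability of the endpoints entirely.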