PT-2023-19932 · Cyberpower · Powerpanel Business Management+1

Published: 2023-04-24 · Updated: 2023-05-02 · CVE-2023-25132

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

PowerPanel Business Local/Remote for Windows versions 4.8.6 and earlier
PowerPanel Business Management for Windows versions 4.8.6 and earlier
PowerPanel Business Local/Remote for Linux 32bit versions 4.8.6 and earlier
PowerPanel Business Local/Remote for Linux 64bit versions 4.8.6 and earlier
PowerPanel Business Management for Linux 32bit versions 4.8.6 and earlier
PowerPanel Business Management for Linux 64bit versions 4.8.6 and earlier
PowerPanel Business Local/Remote for MacOS versions 4.8.6 and earlier
PowerPanel Business Management for MacOS versions 4.8.6 and earlier

Description

An unrestricted upload of a file with a dangerous type vulnerability in the default.cmd file allows remote attackers to execute operating system commands via unspecified vectors.

Recommendations

For each of the following, update to a version later than 4.8.6:

PowerPanel Business Local/Remote for Windows versions 4.8.6 and earlier
PowerPanel Business Management for Windows versions 4.8.6 and earlier
PowerPanel Business Local/Remote for Linux 32bit versions 4.8.6 and earlier
PowerPanel Business Local/Remote for Linux 64bit versions 4.8.6 and earlier
PowerPanel Business Management for Linux 32bit versions 4.8.6 and earlier
PowerPanel Business Management for Linux 64bit versions 4.8.6 and earlier
PowerPanel Business Local/Remote for MacOS versions 4.8.6 and earlier
PowerPanel Business Management for MacOS versions 4.8.6 and earlier

Fix

Weakness Enumeration

Unrestricted File Upload

Related Identifiers

CVE-2023-25132

Affected Products

Powerpanel Business Local/Remote
Powerpanel Business Management