PT-2024-7642 · Unknown · Cyberpanel
Refr4G · Published 2024-10-29 · Updated 2025-06-13 · CVE-2024-51378
CVSS v3.1: 10 (Critical)
Vector: AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N
Name of the Vulnerable Software and Affected Versions: CyberPanel versions prior to 1c0c6cb; CyberPanel versions through 2.3.6; CyberPanel version 2.3.7.

Description: The issue is related to incorrect default permissions in CyberPanel, allowing remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware and using shell metacharacters in the statusfile property. This vulnerability has been exploited in the wild: over 880K services were found to be vulnerable, and an estimated 22k servers have been targeted in a massive ransomware attack.

Recommendations: For CyberPanel versions prior to 1c0c6cb, update to a version after 1c0c6cb. For CyberPanel versions through 2.3.6, update to a version after 2.3.6. For CyberPanel version 2.3.7, apply the necessary patches or updates. As a temporary workaround, consider disabling the getresetstatus function in dns/views.py and ftp/views.py until a patch is available, restrict access to the vulnerable endpoints /dns/getresetstatus and /ftp/getresetstatus to minimize the risk of exploitation, and avoid using the statusfile property in the affected API endpoints until the issue is resolved.
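As a defender-side complement to the recommendation to restrict access to the two endpoints, the following added example (not part of this advisory or of CyberPanel) scans constructed web-server access log lines and flags any request to /dns/getresetstatus or /ftp/getresetstatus that comes from outside an assumed management network, and any such request carrying shell metacharacters. The log format with a trailing quoted request-body field and the 10.0.0.0/8 allowlist are assumptions.

```python
import re
from ipaddress import ip_address, ip_network

# Endpoints named in the advisory; any hit is worth reviewing.
WATCHED_PATHS = ("/dns/getresetstatus", "/ftp/getresetstatus")
# Shell metacharacters; a file name handed to a shell should never contain these.
SHELL_META = re.compile(r"[;|&`$(){}<>\n]")
# Assumed management network allowed to reach the panel (hypothetical).
ALLOWED = [ip_network("10.0.0.0/8")]

# Combined log format plus one extra quoted field holding the logged request body (assumed).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<body>[^"]*)"$'
)


def analyze(line):
    """Return a list of findings for one log line, or [] if the line is clean."""
    m = LOG_RE.match(line)
    if not m:
        return []
    path = m.group("target").split("?", 1)[0]
    if path not in WATCHED_PATHS:
        return []
    findings = []
    src = ip_address(m.group("ip"))
    if not any(src in net for net in ALLOWED):
        findings.append(f"{path} reached from non-allowlisted source {src}")
    # Check both the query string and the logged body for metacharacters.
    payload = m.group("target") + " " + m.group("body")
    if SHELL_META.search(payload):
        findings.append(f"shell metacharacters in request to {path}")
    return findings


def scan(lines):
    """Map line index -> findings for every line that produced at least one finding."""
    return {i: f for i, line in enumerate(lines) if (f := analyze(line))}


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [29/Oct/2024:10:00:00 +0000] "POST /dns/getresetstatus HTTP/1.1" 200 51 "statusfile=/tmp/status.txt"',
    '203.0.113.9 - - [29/Oct/2024:10:00:01 +0000] "POST /dns/getresetstatus HTTP/1.1" 200 51 "statusfile=/tmp/x;true"',
    '198.51.100.7 - - [29/Oct/2024:10:00:02 +0000] "GET /ftp/getresetstatus HTTP/1.1" 403 0 "-"',
    '203.0.113.9 - - [29/Oct/2024:10:00:03 +0000] "GET /index.html HTTP/1.1" 200 1024 "-"',
]

if __name__ == "__main__":
    for idx, findings in scan(SAMPLE_LOG).items():
        print(idx, findings)
```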

Exploit · Fix · RCE

Weakness Enumeration: Incorrect Default Permissions; OS Command Injection; Command Injection

Related Identifiers: BDU:2024-09083; CVE-2024-51378

Affected Products: Cyberpanel