PT-2025-2971 · Openpanel · Openpanel

Published: 2025-01-31 · Updated: 2025-05-23 · CVE-2024-53584

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: OpenPanel version 0.3.4

Description: A command injection vulnerability was discovered in OpenPanel, allowing an attacker to inject system commands via the timezone parameter. This issue can potentially be exploited to execute arbitrary system commands.

Recommendations: For OpenPanel version 0.3.4, as a temporary workaround, consider restricting access to the timezone parameter until a patch is available. Avoid using the timezone parameter in affected configurations to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
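
One way to restrict a timezone parameter before it reaches a system command, as an added example (not OpenPanel's code). The function names, the use of `timedatectl set-timezone` as the consuming command, and the small zone set in the sample run are assumptions made for illustration.

```python
import re
import zoneinfo

# IANA zone names start with a letter and use only letters, digits,
# '_', '+', '-', with '/' between components. A leading letter also
# prevents the value from being parsed as a command-line option.
_TZ_SYNTAX = re.compile(r"[A-Za-z][A-Za-z0-9_+\-]*(?:/[A-Za-z0-9_+\-]+)*")
_MAX_LEN = 64


def validate_timezone(value, known_zones=None):
    """Return value if it is a known zone name, otherwise raise ValueError."""
    if not isinstance(value, str) or not 0 < len(value) <= _MAX_LEN:
        raise ValueError("timezone must be a short, non-empty string")
    # fullmatch() rejects trailing newlines and any shell metacharacter.
    if not _TZ_SYNTAX.fullmatch(value):
        raise ValueError("timezone has characters outside the zone-name set")
    # Allowlist: the value must be one of the zones the system knows about.
    zones = zoneinfo.available_timezones() if known_zones is None else known_zones
    if value not in zones:
        raise ValueError("timezone is not a known zone name")
    return value


def build_timezone_command(value, known_zones=None):
    """Build an argv list for subprocess.run(); never a shell string."""
    tz = validate_timezone(value, known_zones)
    # Assumed command; pass the list with shell=False so tz stays one argument.
    return ["timedatectl", "set-timezone", tz]


if __name__ == "__main__":
    # Constructed inputs for illustration, checked against a constructed zone set.
    zones = {"UTC", "Europe/Berlin", "America/New_York"}
    for sample in ["Europe/Berlin", "UTC;echo constructed", "-h", "Mars/Olympus"]:
        try:
            print(repr(sample), "->", build_timezone_command(sample, zones))
        except ValueError as exc:
            print(repr(sample), "-> rejected:", exc)
```
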

Exploit

DoS

OS Command Injection

Weakness Enumeration

Related Identifiers: CVE-2024-53584

Affected Products: Openpanel