Primary

Context

Open Panel Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability exists in Open Panel version 0.3.4. This issue arises from the Fix Permissions function, which can be exploited by a remote attacker to escalate privileges.

Impact

Exploitation of this vulnerability allows for remote code execution on the server where Open Panel 0.3.4 is running.

Reproduction

To reproduce this vulnerability, send a POST request to the '/fix-permissions' endpoint. Include a 'directory' parameter that contains a crafted payload. This payload can be used to execute arbitrary commands on the server, such as reading sensitive files or executing scripts.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Open Panel Remote Code Execution Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating