Primary

Context

Machsol MachPanel File Upload Vulnerability Allowing Web Shell Access

Vulnerability

A file upload vulnerability has been identified in Machsol MachPanel version 8.0.32. This vulnerability allows an attacker to upload an ASPx web shell, which can then be used to execute commands on the server.

Impact

Exploitation of this vulnerability allows for unauthorized file uploads, leading to the execution of malicious scripts on the server.

Reproduction

To reproduce this vulnerability, navigate to the 'Submit Ticket' page within the MachPanel control panel. Upload an ASPx web shell as an attachment with the ticket submission. Once the ticket is submitted, access the uploaded file to execute the web shell, which can be used to run commands on the server, such as 'whoami'.

Added: Dec 29, 2025, 2:17 PM

Updated: Dec 29, 2025, 4:07 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.7

remediation

0.0

relevance

1.8

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.7

remediation

0.0

relevance

1.8

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Machsol MachPanel File Upload Vulnerability Allowing Web Shell Access

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating