Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2024-53376

Description

CyberPanel before 2.3.8 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the phpSelection field to the websites/submitWebsiteCreation URI.

POC

Reference

- https://github.com/ThottySploity/CVE-2024-53376

- https://github.com/ThottySploity/CVE-2024-53376/blob/aa306187323bd1127d56803cb34cac8820b61484/cyberpanel.py#L70

- https://thottysploity.github.io/posts/cve-2024-53376

Github

- https://github.com/12442RF/POC

- https://github.com/20142995/nuclei-templates

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/DMW11525708/wiki

- https://github.com/Lern0n/Lernon-POC

- https://github.com/ThottySploity/CVE-2024-53376

- https://github.com/Threekiii/CVE

- https://github.com/adysec/POC

- https://github.com/cyb3r-w0lf/nuclei-template-collection

- https://github.com/eeeeeeeeee-code/POC

- https://github.com/greenberglinken/2023hvv_1

- https://github.com/iemotion/POC

- https://github.com/laoa1573/wy876

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/oLy0/Vulnerability

- https://github.com/wy876/POC

- https://github.com/wy876/wiki