Untrusted Search Path Weakness in Parallels Plesk Panel by Parallels
CVE-2013-0133

Currently unrated

Key Information:

Vendor: Parallels
Status: Parallels Plesk Panel
Vendor: CVE Published:; 18 April 2013

What is CVE-2013-0133?

An untrusted search path vulnerability exists in the Parallels Plesk Panel 11.0.9, specifically within the /usr/local/psa/admin/sbin/wrapper component. This flaw allows local users to escalate privileges by manipulating the PATH environment variable. By crafting a malicious PATH, users can gain unauthorized access to sensitive system resources, potentially compromising server integrity.

References

http://www.kb.cert.org/vuls/id/310500

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Apr 18, 2013