CyberPanel vulnerability allows remote attackers to bypass authentication and execute arbitrary commands

CVE-2024-51378

9.8CRITICAL

Key Information

Vendor: CyberPanel
Status: Cyberpanel
Vendor: CVE Published:; 29 October 2024

Badges

💰 Ransomware👾 Exploit Exists🟡 Public PoC🦅 CISA Reported📰 News Worthy

Summary

The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about several vulnerabilities that are actively being exploited, including CyberPanel, North Grid, ProjectSend, and Zyxel firewalls. These vulnerabilities allow attackers to bypass authentication and execute arbitrary commands, conduct XXE attacks, modify application configurations, and upload or download files through path traversal vulnerabilities. The vulnerabilities have been linked to ransomware campaigns and their exploitation in the wild. Organizations are urged to apply vendor-provided patches or mitigation steps immediately or discontinue use of the affected products if fixes are not available. These vulnerabilities have severe consequences, including data breaches, system compromises, and ransomware attacks, and organizations are advised to strengthen monitoring for suspicious activity. The deadline for federal agencies to remediate these vulnerabilities is December 24 or 25, 2024, depending on the specific flaw.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2024-51378 as being exploited and is known by the CISA as enabling ransomware campaigns.

The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-51378
Created by refr4g