Remote Code Execution Vulnerability in CyberPanel

Nethanel Gelernter
October 29th, 2024

IONIX Tracks CyberPanel Remote Code Execution (no CVE yet) – See if You’re Impacted

What is CyberPanel?

CyberPanel is a free and open-source control panel for Linux servers, designed to simplify web hosting and server management tasks.

CyberPanel RCE

A vulnerability was recently discovered in CyberPanel that allows remote code execution on affected machines with little effort. The vulnerability is known to be exploited in the wild, and an exploit is publicly available. According to an article on DreyAnd’s blog, “This led to a 0-click pre-auth root RCE on the latest version (2.3.6 as of now). It’s currently still “unpatched”, as in, the maintainers have been notified, a patch has been done but still waiting for the CVE & for the fix to make it to the main release.”

We recommend upgrading to the latest version available on GitHub (the patch is listed in the references below). IONIX customers will find impacted assets identified in the threat center of the IONIX portal.

From the CyberPanel website:
“Recently, two security experts contacted us about a code-level vulnerability in CyberPanel. Specifically, we missed a condition in the code that could expose certain server details valuable to hackers.

NOTE: We’re not sharing the exact location of the vulnerability to avoid exposing servers that still need updating.

When the experts informed us about the issue, we immediately reviewed their findings and released a security patch within 30 minutes. If the experts are reading this, they know how swiftly we acted. They later advised us to announce this issue publicly, but we requested to hold off to allow users time to update for security reasons. Though we didn’t initially announce it, a routine update included the security patch.

Unfortunately, the information was revealed on a third-party site, leading to concerns among our users.”

References

“What Are My OPTIONS? CyberPanel v2.3.6 pre-auth RCE”: the post on DreyAnd’s Web Security Blog where the vulnerability was identified.
GitHub patch
CyberPanel blog with additional information on the exposure.
