1Panel is a web-based linux server management control panel. There are many sql injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. These sql injections have been resolved in version 1.10.12-tls. Users are advised to upgrade. There are no known workarounds for these issues.
An attacker can remotely, without any authentication, submit crafted SQL queries to vulnerable endpoints of the 1Panel application. Due to insufficient input filtering, it is possible to execute SQL injection, which allows writing arbitrary files to the server's file system. By writing malicious executable files or scripts, an attacker can achieve full system takeover (RCE).
An attacker can gain full control over the system — compromising confidentiality, integrity, and availability of data — through remote execution of arbitrary code on the server without requiring any privileges.
1Panel should be updated to version 1.10.12-tls or newer, which includes fixes for the described SQL injection vulnerabilities. The vendor does not indicate any workarounds for these vulnerabilities.
Fit2Cloud 1Panel — all versions before 1.10.12-tls
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HFit2cloud 1panel
APPFit2Cloud1.10.9-lts – 1.10.12-lts (bez)
Related vulnerabilities
SQL Injection przez nagłówek User-Agent w Fit2Cloud 1Panel
1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the Change Usern...
1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the web port con...
1Panel is an open-source, web-based control panel for Linux server management. Versions 2.0.13 and below allow...
OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to execute arbitr...