1Panel is a web-based linux server management control panel. 1Panel contains an unspecified sql injection via User-Agent handling. This issue has been addressed in version 1.10.12-lts. Users are advised to upgrade. There are no known workarounds for this vulnerability.
The attacker sends a specially crafted HTTP User-Agent header containing a malicious SQL payload to a 1Panel application endpoint. The application does not properly filter input data from this header before passing it to the database query, allowing manipulation of SQL query logic. According to available references, the vulnerability can lead to escalation to remote code execution (RCE).
An unauthenticated remote attacker can gain unauthorized access to data stored in the database, and potentially take full control of the server by escalating the SQL injection to RCE.
1Panel must be updated immediately to version 1.10.12-lts or later. The vendor does not provide any workarounds for this vulnerability — the only effective solution is to update.
Fit2Cloud 1Panel in all versions prior to 1.10.12-lts
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HFit2cloud 1panel
APPFit2Cloud1.10.10-lts – 1.10.12-lts (bez)
Related vulnerabilities
SQL Injection w Fit2Cloud 1Panel umożliwiający RCE poprzez zapis plików
1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the Change Usern...
1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the web port con...
1Panel is an open-source, web-based control panel for Linux server management. Versions 2.0.13 and below allow...
OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to execute arbitr...