Moderate severityNVD Advisory· Published Mar 6, 2024· Updated Aug 27, 2024
1Panel open source panel project has an unauthorized vulnerability.
CVE-2024-27288
Description
1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.10.1-lts, users can use Burp to obtain unauthorized access to the console page. The vulnerability has been fixed in v1.10.1-lts. There are no known workarounds.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/1Panel-dev/1PanelGo | < 1.10.1-lts | 1.10.1-lts |
Affected products
1- Range: < 1.10.1-lts
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- github.com/advisories/GHSA-26w3-q4j8-4xjpghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-27288ghsaADVISORY
- github.com/1Panel-dev/1Panel/pull/4014ghsaWEB
- github.com/1Panel-dev/1Panel/releases/tag/v1.10.1-ltsghsax_refsource_MISCWEB
- github.com/1Panel-dev/1Panel/security/advisories/GHSA-26w3-q4j8-4xjpghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.