CVE-2023-33747 Cloudpanel.io

Author: @EagleTube
GitHub: https://github.com/EagleTube/CloudPanel/tree/main/CVE-2023-33747
Tested version: v2.0.0 – v2.2.2
Patched version: v2.3.0
Vendor homepage: CloudPanel.io
Product: CloudPanel

Requirements:

  1. An authenticated user account on CloudPanel.
  2. SSH enabled, to run the Python script.

Usage:

wget https://github.com/EagleTube/CloudPanel/blob/main/CVE-2023-33747/CVE-2023-33747_GetRoot.py
chmod +x CVE-2023-33747_GetRoot.py
python3 CVE-2023-33747_GetRoot.py

PROOF OF CONCEPT

Privilege Escalation in CloudPanel through path traversal when modifying file permissions.

Privilege Escalation in CloudPanel through command injection via clpctlWrapper.

AFFECTED VERSION

CloudPanel v2.0.0 - v2.2.2

PATCH VERSION

CloudPanel v2.3.0

SPECIAL THANKS & REFERENCE

  1. Datack Sdn Bhd (full writeup) datack.my
  2. Maui sabily.info
  3. Farhan Phakhruddin (@farpha)

TIMELINE

14-05-2023 – Exploit Found
16-05-2023 – Privately disclosed to vendor
17-05-2023 – Submitted to CVE assignee
31-05-2023 – CVE number assigned by MITRE
06-06-2023 – Patch released by the vendor (v2.3.0)
06-06-2023 – Exploit released to the public
