CVE-2020-28657: Multiple SQL injections in bPanel2
Vendor: bittacora
Vendor URL: https://bittacora.com/
Versions affected: bPanel2
Discovered by: Pablo Martinez (@xassiz)
Public fix: Yes
Proof of Concept: No
Summary
bPanel2 is prone to multiple unauthenticated SQL injections.
Details
The administrative AJAX endpoints (ajax/aj_*.php), which are reachable without authentication, are affected by SQL injection.
Impact
This could lead to compromise of the platform, for example by dumping and cracking administrative password hashes.
Recommendation
Update to a fixed version (>2).
Timeline
- 12/11/2020 - Reported vulnerability to vendor
- 18/11/2020 - Vendor acknowledges the issue, but says that it's already fixed in newer versions
- 02/03/2021 - Public disclosure