CVE-2023-39965

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Aug 10, 2023
Updated: Sep 8, 2023
CWE ID 863

Summary

CVE-2023-39965 is a vulnerability affecting version 1.4.3 of the 1Panel open source Linux server management tool. This issue grants authenticated attackers unauthorized access to download arbitrary files via the API interface. The attackers can obtain the content of these files, potentially leading to significant information leakage. System administrators are advised to upgrade to version 1.5.0, which contains a patch for this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share