MEDIUM🇬🇧 English

CVE-2022-3967

CVSS 5.3v3.1pub. 2022-11-13upd. 2024-11-21

A vulnerability, which was classified as critical, was found in Vesta Control Panel. Affected is an unknown function of the file func/main.sh of the component sed Handler. The manipulation leads to argument injection. An attack has to be approached locally. The name of the patch is 39561c32c12cabe563de48cc96eccb9e2c655e25. It is recommended to apply a patch to fix this issue. VDB-213546 is the identifier assigned to this vulnerability.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  • Vestacp Control Panel

    APP
    Vestacp
    < 2022-07-18
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2021-46850HIGH7.2ten sam produkt

myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable to command inj...

CVE-2021-30463HIGH7.8ten sam produkt

VestaCP through 0.9.8-24 allows attackers to gain privileges by creating symlinks to files for which they lack...

CVE-2019-12792HIGH8.8ten sam produkt

A command injection vulnerability in UploadHandler.php in Vesta Control Panel 0.9.8-24 allows remote attackers...

CVE-2019-12791HIGH8.8ten sam produkt

A directory traversal vulnerability in the v-list-user script in Vesta Control Panel 0.9.8-24 allows remote at...

CVE-2015-4117HIGH8.8ten sam produkt

Vesta Control Panel before 0.9.8-14 allows remote authenticated users to execute arbitrary commands via shell ...