CVE-2023-36457: Release v1.3.6 · 1Panel-dev/1Panel

1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious payload to achieve command injection when adding container repositories. The vulnerability has been fixed in v1.3.6.


1. Installation and upgrade

1.1 One-click install

CentOS/RHEL

curl -sSL https://resource.fit2cloud.com/1panel/package/quick_start.sh -o quick_start.sh && sh quick_start.sh

Ubuntu

curl -sSL https://resource.fit2cloud.com/1panel/package/quick_start.sh -o quick_start.sh && sudo bash quick_start.sh

Debian

curl -sSL https://resource.fit2cloud.com/1panel/package/quick_start.sh -o quick_start.sh && bash quick_start.sh

1.2 Online upgrade

Log in to the 1Panel web console and click [Check for updates] in the lower-right corner of the page to upgrade online.

For more information, see the online documentation: https://1panel.cn/docs/

2. Changelog

2.1 Improvements

  • Added pagination to the app store list. by @zhengkunwang223 in #1447
  • Optimized the query logic of the SSH login log list. by @ssongliu in #1435

2.2 Bug fixes

  • Fixed apps failing to operate normally because of an outdated Docker version. by @zhengkunwang223 in #1446
  • Fixed the scheduled task for backing up the root directory folder failing. by @ssongliu in #1444
  • Fixed the system reporting an error when the system database file could not be read or written. by @ssongliu in #1438
  • Fixed command injection when adding image repositories and when opening a container terminal. by @ssongliu in #1443
  • Fixed Docker failing to start properly because of blank lines when configuring container image mirrors and private repositories. by @ssongliu in #1437

Related news

GHSA-q2mx-gpjf-3h8x: 1Panel vulnerable to command injection when adding container repositories

### Impact

The authenticated attacker can craft a malicious payload to achieve command injection when adding container repositories.

1. Vulnerability analysis.

```
backend\app\api\v1\image_repo.go#create
```

![image](https://user-images.githubusercontent.com/46734380/249118560-8c20dac6-d1be-49d2-b2b2-9a4df9b7cd04.png)

```
backend\app\service\image_repo.go#CheckConn
```

![image](https://user-images.githubusercontent.com/46734380/249118639-37b7a1e9-08a9-4316-8beb-39beefdceb33.png)

2. Vulnerability reproduction.

```
POST /api/v1/containers/repo HTTP/1.1
Host: 192.168.109.152:40982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
X-CSRF-TOKEN:
Content-Length: 446
Origin: http://192.168.109.152:40982
Connection: close
Referer: http://192.168.109.152:40982/containers/repo
Cookie: rem-username=admin; psession...
```
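The advisory points at the `create` handler and the `CheckConn` service as the path where a user-supplied repository address reaches a command. As an added illustration (not 1Panel's code, and not the fix shipped in #1443, which this page does not reproduce), the Go sketch below shows the defensive shape of such a connectivity check: validate the address against a strict pattern, build the `docker login` argv element by element with no shell in between, and feed the password over stdin. `RepoInput`, `normalizeRegistry` and `loginCmd` are assumed names, not 1Panel identifiers.

```go
package main

import (
	"fmt"
	"os/exec"
	"regexp"
	"strings"
)

// RepoInput stands in for the body of POST /api/v1/containers/repo;
// the field names are assumptions, not 1Panel's.
type RepoInput struct {
	DownloadURL string // user-supplied, e.g. "registry.example.com:5000"
	Username    string
	Password    string
}

// Plain host or IP, optional port, optional path: quotes, spaces, ';', '$', '|'
// and a leading '-' (which docker would read as an option) all fail to match.
var registryRe = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9.-]*(:[0-9]{1,5})?(/[A-Za-z0-9._/-]*)?$`)

// normalizeRegistry strips an http(s) scheme and rejects anything that is not a
// bare registry address. This is the check the create handler should run first.
func normalizeRegistry(raw string) (string, error) {
	s := strings.TrimSpace(raw)
	s = strings.TrimPrefix(strings.TrimPrefix(s, "https://"), "http://")
	if s == "" || !registryRe.MatchString(s) {
		return "", fmt.Errorf("invalid registry address %q", raw)
	}
	return s, nil
}

// loginCmd builds the "docker login" argv element by element, with no shell in
// the path, so the address cannot terminate the command or start another one.
// The password is fed over stdin and therefore never appears in argv.
// Calling cmd.CombinedOutput() on the result performs the actual check.
func loginCmd(r RepoInput) (*exec.Cmd, error) {
	host, err := normalizeRegistry(r.DownloadURL)
	if err != nil {
		return nil, err
	}
	if r.Username == "" || strings.HasPrefix(r.Username, "-") {
		return nil, fmt.Errorf("invalid username %q", r.Username)
	}
	cmd := exec.Command("docker", "login", "--username", r.Username, "--password-stdin", host)
	cmd.Stdin = strings.NewReader(r.Password + "\n")
	return cmd, nil
}
```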
