GHSA-pv7q-v9mv-9mh5: 1Panel O&M management panel has a background arbitrary file reading vulnerability

Skip to content

• • Actions

    Automate any workflow

  • Packages

    Host and manage packages

  • Security

    Find and fix vulnerabilities

  • Codespaces

    Instant dev environments

  • Copilot

    Write better code with AI

  • Code review

    Manage code changes

  • Issues

    Plan and track work

  • Discussions

    Collaborate outside of code

• • GitHub Sponsors

    Fund open source developers

*   The ReadME Project
    
    GitHub community articles

• Pricing

1. GitHub Advisory Database
2. GitHub Reviewed
3. CVE-2023-39964

1Panel O&M management panel has a background arbitrary file reading vulnerability

High severity GitHub Reviewed Published Aug 10, 2023 in 1Panel-dev/1Panel • Updated Aug 10, 2023

Package

gomod github.com/1Panel-dev/1Panel (Go)

Affected versions

= 1.4.3

Description

Summary

Arbitrary file reads allow an attacker to read arbitrary important configuration files on the server.

Details

In the api/v1/file.go file, there is a function called LoadFromFile, which directly reads the file by obtaining the requested path parameter[path]. The request parameters are not filtered, resulting in a background arbitrary file reading vulnerability

PoC

Request /api/v1/files/loadfile, carry /etc/passwd data to read, as shown below:

Impact

1Panel v1.4.3

References

• GHSA-pv7q-v9mv-9mh5
• https://nvd.nist.gov/vuln/detail/CVE-2023-39964
• https://github.com/1Panel-dev/1Panel/releases/tag/v1.5.0

Published to the GitHub Advisory Database

Aug 10, 2023

Last updated

Aug 10, 2023