Vulnerability Details CVE-2023-46157
File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 81.2%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2023-46157
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.0.0
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.0.1
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.0.2
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.0.3
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.0.4
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.1.0
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.2.0
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.2.1
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.2.2
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.3.0
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.3.1
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.3.2