Command Injection Vulnerability in 1Panel v1.3.5 and earlier

Command Injection Vulnerability in 1Panel v1.3.5 and earlier

CVE-2023-36457 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious payload to achieve command injection when adding container repositories. The vulnerability has been fixed in v1.3.6.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.