OS Command Injection in File-Manager of MGT CloudPanel 2.0.0 - 2.3.2

OS Command Injection in File-Manager of MGT CloudPanel 2.0.0 - 2.3.2

CVE-2023-46157 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755.

Learn more about our Cloud Audit.