Vulnerability in Vesta Control Panel (Cp)
CVE-2018-25117
VestaCP commit a3f0fa1 (2018-05-31) up to commit ee03eff (2018-06-13) contain embedded malicious code that resulted in a supply-chain compromise. New installations created from the compromised installer since at least May 2018 were subject…
EPSS: 0.004 (32.0th percentile) — read the EPSS interpretation.
Affected products
- Vesta Control Panel (Cp) — versions a3f0fa1501d424477786e3e7150bb05c0b99518f
Weakness classification (CWE)
References
- disclosure@vulncheck.com (technical-description)
- disclosure@vulncheck.com (patch)
- disclosure@vulncheck.com (exploit, patch)
- disclosure@vulncheck.com (issue-tracking)
- disclosure@vulncheck.com (vendor-advisory, patch)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)