What is CVE-2023-39964?

CVE-2023-39964 is a high-severity vulnerability in 1panel-dev 1panel, classified under Path Traversal. CVSS score: 7.5/10. Published 2023-08-10.

How severe is CVE-2023-39964?

High severity. CVSS v3 base score is 7.5 out of 10.

Path Traversal in 1panel-dev 1panel

CVE-2023-39964

1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, arbitrary file reads allow an attacker to read arbitrary important configuration files on the server. In the `api/v1/file.go` file, there i…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.003 (54.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

1panel-dev 1panel — versions = 1.4.3

Weakness classification (CWE)

CWE-22 — Path Traversal

References

https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-pv7q-v9mv-9mh5 (x_refsource_CONFIRM)
https://github.com/1Panel-dev/1Panel/releases/tag/v1.5.0 (x_refsource_MISC)

Frequently asked questions

What is CVE-2023-39964?: CVE-2023-39964 is a high-severity vulnerability in 1panel-dev 1panel, classified under Path Traversal. CVSS score: 7.5/10. Published 2023-08-10.
How severe is CVE-2023-39964?: High severity. CVSS v3 base score is 7.5 out of 10.