{"id":"CVE-2024-51567","details":"upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected.","modified":"2026-04-02T12:23:32.943342Z","published":"2024-10-29T23:15:04.307Z","references":[{"type":"WEB","url":"https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/"},{"type":"WEB","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-51567"},{"type":"ADVISORY","url":"https://cyberpanel.net/KnowledgeBase/home/change-logs/"},{"type":"FIX","url":"https://github.com/usmannasir/cyberpanel/commit/5b08cd6d53f4dbc2107ad9f555122ce8b0996515"},{"type":"FIX","url":"https://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rce"},{"type":"ARTICLE","url":"https://cwe.mitre.org/data/definitions/420.html"},{"type":"ARTICLE","url":"https://cwe.mitre.org/data/definitions/78.html"},{"type":"ARTICLE","url":"https://cyberpanel.net/blog/detials-and-fix-of-recent-security-issue-and-patch-of-cyberpanel"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/usmannasir/cyberpanel","events":[{"introduced":"0"},{"fixed":"5b08cd6d53f4dbc2107ad9f555122ce8b0996515"}]}],"versions":["single_mysql","v1.7","v1.8.7","v1.8.9","v1.9.1"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"2.3.8"}]},{"events":[{"introduced":"0"},{"fixed":"5b08cd6"}]},{"events":[{"introduced":"0"},{"last_affected":"2.3.6"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-51567.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}