CVE-2024-24320 - OpenCVE

Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mgt-commerce	Cloudpanel

Configuration 1 [-]

cpe:2.3:a:mgt-commerce:cloudpanel:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://datack.my/cloudpanel-v2-0-0-v2-4-0-authenticated-user-session-hijacking-cve-2024-24320/

History

Wed, 21 Aug 2024 15:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-120

Wed, 07 Aug 2024 17:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mgt-commerce Mgt-commerce cloudpanel
Weaknesses		CWE-22
CPEs		cpe:2.3:a:mgt-commerce:cloudpanel::::::::
Vendors & Products		Mgt-commerce Mgt-commerce cloudpanel
Metrics		cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-06-14T00:00:00

Updated: 2024-08-21T13:54:40.516Z

Reserved: 2024-01-25T00:00:00

Link: CVE-2024-24320

Vulnrichment

Updated: 2024-08-01T23:19:52.025Z

NVD

Status : Modified

Published: 2024-06-14T18:15:27.200

Modified: 2024-08-21T14:35:04.240

Link: CVE-2024-24320

Redhat

No data.

{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-24320", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-21T13:54:40.516Z", "dateReserved": "2024-01-25T00:00:00", "datePublished": "2024-06-14T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-06-14T17:29:39.228635"}, "descriptions": [{"lang": "en", "value": "Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://datack.my/cloudpanel-v2-0-0-v2-4-0-authenticated-user-session-hijacking-cve-2024-24320/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:19:52.025Z"}, "title": "CVE Program Container", "references": [{"url": "https://datack.my/cloudpanel-v2-0-0-v2-4-0-authenticated-user-session-hijacking-cve-2024-24320/", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-120", "lang": "en", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "affected": [{"vendor": "mgt-commerce", "product": "cloudpanel", "cpes": ["cpe:2.3:a:mgt-commerce:cloudpanel:2.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2.0.0", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-21T13:51:07.102129Z", "id": "CVE-2024-24320", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-21T13:54:40.516Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://datack.my/cloudpanel-v2-0-0-v2-4-0-authenticated-user-session-hijacking-cve-2024-24320/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:19:52.025Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-24320", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-21T13:51:07.102129Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:mgt-commerce:cloudpanel:2.0.0:*:*:*:*:*:*:*"], "vendor": "mgt-commerce", "product": "cloudpanel", "versions": [{"status": "affected", "version": "2.0.0"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-21T13:54:27.217Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://datack.my/cloudpanel-v2-0-0-v2-4-0-authenticated-user-session-hijacking-cve-2024-24320/"}], "descriptions": [{"lang": "en", "value": "Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-06-14T17:29:39.228635"}}}, "cveMetadata": {"cveId": "CVE-2024-24320", "state": "PUBLISHED", "dateUpdated": "2024-08-21T13:54:40.516Z", "dateReserved": "2024-01-25T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-06-14T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mgt-commerce:cloudpanel:*:*:*:*:*:*:*:*", "matchCriteriaId": "BEE27786-FBED-427C-892D-0EE5FFEA269A", "versionEndIncluding": "2.4.0", "versionStartIncluding": "2.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function."}, {"lang": "es", "value": "Vulnerabilidad de Directory Traversal en Mgt-commerce CloudPanel v.2.0.0 a v.2.4.0 permite a un atacante remoto obtener informaci\u00f3n confidencial y ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro de servicio de la funci\u00f3n load-logfiles."}], "id": "CVE-2024-24320", "lastModified": "2024-08-21T14:35:04.240", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-06-14T18:15:27.200", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://datack.my/cloudpanel-v2-0-0-v2-4-0-authenticated-user-session-hijacking-cve-2024-24320/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}