MidnightBSD

Advisories for mengnai

CVE-2022-48079

Monnai aaPanel host system v1.5 contains an access control issue which allows attackers to escalate privileges and execute arbitrary code via uploading a crafted PHP file to the virtual host directory of the system.

Products Affected

Vendor Product Version
mengnai aapanel_host_system 1.5