Monnai aaPanel host system v1.5 contains an access control issue which allows attackers to escalate privileges and execute arbitrary code via uploading a crafted PHP file to the virtual host directory of the system.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mengnai | aapanel_host_system | 1.5 |