- Description
- An issue was discovered in cPanel 110 through 132. A directory traversal vulnerability within the Team Manager API allows for overwrite of an arbitrary file. This can allow for privilege escalation to the root user.
- Source
- cve@mitre.org
- NVD status
- Analyzed
- Products
- cpanel
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-22
- Hype score
- Not currently trending
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA120210-0541-4B4E-9193-2E5B083683BC",
"versionEndExcluding": "126.0.37",
"versionStartIncluding": "110.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC319EC3-2442-49EA-867D-3396BDD41006",
"versionEndExcluding": "130.0.16",
"versionStartIncluding": "128.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "813CCA52-A8AD-465A-9B43-036F2C8E38EB",
"versionEndExcluding": "132.0.4",
"versionStartIncluding": "132.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]