Vulnerability Details CVE-2021-30463
VestaCP through 0.9.8-24 allows attackers to gain privileges by creating symlinks to files for which they lack permissions. After reading the RKEY value from user.conf under the /usr/local/vesta/data/users/admin directory, the admin password can be changed via a /reset/?action=confirm&user=admin&code= URI. This occurs because chmod is used unsafely.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.5%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
Products affected by CVE-2021-30463
-
cpe:2.3:a:vestacp:control_panel:0.9.7-13
-
cpe:2.3:a:vestacp:control_panel:0.9.7-14
-
cpe:2.3:a:vestacp:control_panel:0.9.7-15
-
cpe:2.3:a:vestacp:control_panel:0.9.7-16
-
cpe:2.3:a:vestacp:control_panel:0.9.7-17
-
cpe:2.3:a:vestacp:control_panel:0.9.7-18
-
cpe:2.3:a:vestacp:control_panel:0.9.7-19
-
cpe:2.3:a:vestacp:control_panel:0.9.7-20
-
cpe:2.3:a:vestacp:control_panel:0.9.7-21
-
cpe:2.3:a:vestacp:control_panel:0.9.7-22
-
cpe:2.3:a:vestacp:control_panel:0.9.8-1
-
cpe:2.3:a:vestacp:control_panel:0.9.8-10
-
cpe:2.3:a:vestacp:control_panel:0.9.8-11
-
cpe:2.3:a:vestacp:control_panel:0.9.8-12
-
cpe:2.3:a:vestacp:control_panel:0.9.8-13
-
cpe:2.3:a:vestacp:control_panel:0.9.8-14
-
cpe:2.3:a:vestacp:control_panel:0.9.8-15
-
cpe:2.3:a:vestacp:control_panel:0.9.8-16
-
cpe:2.3:a:vestacp:control_panel:0.9.8-17
-
cpe:2.3:a:vestacp:control_panel:0.9.8-18
-
cpe:2.3:a:vestacp:control_panel:0.9.8-19
-
cpe:2.3:a:vestacp:control_panel:0.9.8-2
-
cpe:2.3:a:vestacp:control_panel:0.9.8-20
-
cpe:2.3:a:vestacp:control_panel:0.9.8-21
-
cpe:2.3:a:vestacp:control_panel:0.9.8-22
-
cpe:2.3:a:vestacp:control_panel:0.9.8-23
-
cpe:2.3:a:vestacp:control_panel:0.9.8-24
-
cpe:2.3:a:vestacp:control_panel:0.9.8-3
-
cpe:2.3:a:vestacp:control_panel:0.9.8-4
-
cpe:2.3:a:vestacp:control_panel:0.9.8-5
-
cpe:2.3:a:vestacp:control_panel:0.9.8-6
-
cpe:2.3:a:vestacp:control_panel:0.9.8-7
-
cpe:2.3:a:vestacp:control_panel:0.9.8-8
-
cpe:2.3:a:vestacp:control_panel:0.9.8-9