Vulnerability Details CVE-2023-46157
File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.0%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2023-46157
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.0.0
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.0.1
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.0.2
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.0.3
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.0.4
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.1.0
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.2.0
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.2.1
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.2.2
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.3.0
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.3.1
-
cpe:2.3:a:mgt-commerce:cloudpanel:2.3.2