Description

Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6.

Related CPE's

a

hestiacp

control_panel

Vulnerable

References

https://github.com/hestiacp/hestiacp/commit/b178b9719bb2c98cf8a6db70065086f596afad81

PatchThird Party Advisory

https://huntr.dev/bounties/704aacc9-edff-4da5-90a6-4adf8dbf36fe

ExploitPatchThird Party Advisory

Weaknesses

[email protected]

Primary
CWE-266

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.2 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2022-08-05T09:15:07.963

2 years ago

Last modified

2022-08-08T17:41:36.517

2 years ago