CVE-2022-48079

Description

Monnai aaPanel host system v1.5 contains an access control issue which allows attackers to escalate privileges and execute arbitrary code via uploading a crafted PHP file to the virtual host directory of the system.

Related CPE's

References

http://mf.mengnai.top/

https://thanatosxingyu.github.io/

CvssV3 impact

CvssV2 impact