Vulnerabilities > CVE-2004-1769 - Remote Command Execution vulnerability in cPanel Resetpass
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The "Allow cPanel users to reset their password via email" feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows remote attackers to execute arbitrary code via the user parameter to resetpass.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 12 |
Exploit-Db
description | cPanel 5/6/7/8/9 Resetpass Remote Command Execution Vulnerability. CVE-2004-1769. Remote exploit for cgi platform |
id | EDB-ID:23804 |
last seen | 2016-02-02 |
modified | 2004-03-11 |
published | 2004-03-11 |
reporter | Arab VieruZ |
source | https://www.exploit-db.com/download/23804/ |
title | cPanel 5/6/7/8/9 Resetpass Remote Command Execution Vulnerability |
Nessus
NASL family | CGI abuses |
NASL id | CPANEL_LOGIN_CMD_EXEC.NASL |
description | The version of cPanel installed on the remote host is version 9.1.0 (or earlier) and thus reportedly affected by multiple issues: - The dohtaccess.html script fails to sanitize input supplied by a user and is affected by a cross-site scripting vulnerability. (CVE-2004-2308) - Both the Login Page and resetpass functionality fail to sanitize user input and can be manipulated to execute arbitrary commands (CVE-2004-1769 & CVE-2004-1770). For example, the following URL demonstrates the id command being executed: http://www.example.com:2082/login/?user=| |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 12097 |
published | 2004-03-14 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/12097 |
title | cPanel <= 9.1.0 Multiple Vulnerabilities |