Vulnerabilities > CVE-2022-3967 - Unspecified vulnerability in Vestacp Control Panel

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

vestacp

NVD

Published: 2022-11-13

Updated: 2024-11-21

Summary

A vulnerability, which was classified as critical, was found in Vesta Control Panel. Affected is an unknown function of the file func/main.sh of the component sed Handler. The manipulation leads to argument injection. An attack has to be approached locally. The name of the patch is 39561c32c12cabe563de48cc96eccb9e2c655e25. It is recommended to apply a patch to fix this issue. VDB-213546 is the identifier assigned to this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Vestacp Vestacp Control Panel 0.9.7-13 Vestacp Control Panel 0.9.7-14 Vestacp Control Panel 0.9.7-15 Vestacp Control Panel 0.9.7-16 Vestacp Control Panel 0.9.7-17 Vestacp Control Panel 0.9.7-18 Vestacp Control Panel 0.9.7-19 Vestacp Control Panel 0.9.7-20 Vestacp Control Panel 0.9.7-21 Vestacp Control Panel 0.9.7-22 Vestacp Control Panel 0.9.8-1 Vestacp Control Panel 0.9.8-2 Vestacp Control Panel 0.9.8-3 Vestacp Control Panel 0.9.8-4 Vestacp Control Panel 0.9.8-5 Vestacp Control Panel 0.9.8-6 Vestacp Control Panel 0.9.8-7 Vestacp Control Panel 0.9.8-8 Vestacp Control Panel 0.9.8-9 Vestacp Control Panel 0.9.8-10 Vestacp Control Panel 0.9.8-11 Vestacp Control Panel 0.9.8-12 Vestacp Control Panel 0.9.8-13 Vestacp Control Panel 0.9.8-14 Vestacp Control Panel 0.9.8-15 Vestacp Control Panel 0.9.8-16 Vestacp Control Panel 0.9.8-17 Vestacp Control Panel 0.9.8-18 Vestacp Control Panel 0.9.8-19 Vestacp Control Panel 0.9.8-20 Vestacp Control Panel 0.9.8-21 Vestacp Control Panel 0.9.8-22 Vestacp Control Panel 0.9.8-23 Vestacp Control Panel 0.9.8-24 Vestacp Control Panel 0.9.8-25 Vestacp Control Panel 0.9.8-26-43	36

Summary

Vulnerable Configurations

References