Vulnerabilities > CVE-2024-27288 - Incorrect Authorization vulnerability in Fit2Cloud 1Panel

CVSS 3.1 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

high complexity

fit2cloud

CWE-863

NVD

Published: 2024-03-06

Updated: 2025-02-11

Summary

1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.10.1-lts, users can use Burp to obtain unauthorized access to the console page. The vulnerability has been fixed in v1.10.1-lts. There are no known workarounds.

Vulnerable Configurations

Part	Description	Count
Application	Fit2Cloud Fit2Cloud 1Panel - Fit2Cloud 1Panel 1.0.0 Fit2Cloud 1Panel 1.0.1 Fit2Cloud 1Panel 1.0.2 Fit2Cloud 1Panel 1.0.3 Fit2Cloud 1Panel 1.0.4 Fit2Cloud 1Panel 1.0.5 Fit2Cloud 1Panel 1.1.0 Fit2Cloud 1Panel 1.1.1 Fit2Cloud 1Panel 1.1.2 Fit2Cloud 1Panel 1.1.3 Fit2Cloud 1Panel 1.2.0 Fit2Cloud 1Panel 1.2.1 Fit2Cloud 1Panel 1.2.2 Fit2Cloud 1Panel 1.2.3 Fit2Cloud 1Panel 1.2.4 Fit2Cloud 1Panel 1.3.0 Fit2Cloud 1Panel 1.3.1 Fit2Cloud 1Panel 1.3.2 Fit2Cloud 1Panel 1.3.3 Fit2Cloud 1Panel 1.3.4 Fit2Cloud 1Panel 1.3.5 Fit2Cloud 1Panel 1.3.6 Fit2Cloud 1Panel 1.4.0 Fit2Cloud 1Panel 1.4.1 Fit2Cloud 1Panel 1.4.2 Fit2Cloud 1Panel 1.4.3 Fit2Cloud 1Panel 1.5.0 Fit2Cloud 1Panel 1.5.1 Fit2Cloud 1Panel 1.5.2 Fit2Cloud 1Panel 1.5.3 Fit2Cloud 1Panel 1.5.4 Fit2Cloud 1Panel 1.5.5 Fit2Cloud 1Panel 1.6.0 Fit2Cloud 1Panel 1.6.1 Fit2Cloud 1Panel 1.6.2 Fit2Cloud 1Panel 1.7.0 Fit2Cloud 1Panel 1.7.1 Fit2Cloud 1Panel 1.7.2 Fit2Cloud 1Panel 1.7.3 Fit2Cloud 1Panel 1.7.4 Fit2Cloud 1Panel 1.8.0 Fit2Cloud 1Panel 1.8.1 Fit2Cloud 1Panel 1.8.2 Fit2Cloud 1Panel 1.8.3 Fit2Cloud 1Panel 1.8.4 Fit2Cloud 1Panel 1.8.5 Fit2Cloud 1Panel 1.9.0 Fit2Cloud 1Panel 1.9.1 Fit2Cloud 1Panel 1.9.2 Fit2Cloud 1Panel 1.9.3 Fit2Cloud 1Panel 1.9.4 Fit2Cloud 1Panel 1.9.5 Fit2Cloud 1Panel 1.9.6	54

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References