Vulnerability Details : CVE-2021-37840
aaPanel through 6.8.12 is vulnerable to Cross-Site WebSocket Hijacking (CSWH) on the ws:// endpoint /webssh: a page on another origin can open the victim's authenticated WebSocket session and send OS commands inside WebSocket messages (the victim must have configured Terminal with at least one host). Successful exploitation depends on the browser the victim uses (e.g., it works in Firefox but not in Chrome).
Products affected by CVE-2021-37840
- cpe:2.3:a:aapanel:aapanel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-37840
EPSS score: 0.29% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~68% (proportion of all scored vulnerabilities with an EPSS score at or below this one)
CVSS scores for CVE-2021-37840
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P (CVSS v2) | 8.6 | 6.4 | NIST |
8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 | NIST |
References for CVE-2021-37840
- https://github.com/aaPanel/aaPanel/issues/74 : "Security Vulnerability in aaPanel · Issue #74 · aaPanel/aaPanel · GitHub" (Exploit; Third Party Advisory)
- https://ssd-disclosure.com/ssd-advisory-aapanel-cswh-to-rce/ : "SSD Advisory – aaPanel CSWH to RCE - SSD Secure Disclosure" (Exploit; Third Party Advisory)