CyberSecurityBoard
Sponsor Register Login

Vesta Admin Panel Vulnerability Allows Complete Linux Server Takeover

This alarming exploit leverages weaknesses in the password reset mechanism, posing a severe risk to users relying on Vesta for server management. According to the Fortbridge report, the core of the vulnerability lies in using the bash $RANDOM variable during the password reset process. The Vesta password reset function relies on a PHP script that checks if a reset token matches an existing one stored in user configuration files. By exploiting this weakness, attackers can generate valid password reset tokens, gaining unauthorized access to admin accounts. Researchers have demonstrated that they can predict all future password reset tokens by brute-forcing the seed used by $RANDOM. A vulnerability in the Vesta Control Panel has been discovered that allows attackers to take over entire Linux servers. This file checks if the reset token($_POST[‘code’]) received from the url is equal to $rkey and if they match it will proceed to reset the user’s password. When a user requests a password reset, they receive an email with a link containing this token. This vulnerability allows an attacker to take over an entire server, which poses serious risks, including data breaches and unauthorized control over hosted websites. Vesta users are strongly advised to update their systems with patches provided by developers and consider implementing additional security measures such as two-factor authentication. Divya is a Senior Journalist at Cyber Security news covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world. Users are encouraged to stay informed about updates from Vesta and other security advisories to safeguard their digital assets effectively. Vesta is a web-based control panel that simplifies server management for Linux users. Generate a new code for the next password reset.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 01 Oct 2024 12:20:27 +0000


Cyber News related to Vesta Admin Panel Vulnerability Allows Complete Linux Server Takeover

Vesta Admin Panel Vulnerability Allows Complete Linux Server Takeover - This alarming exploit leverages weaknesses in the password reset mechanism, posing a severe risk to users relying on Vesta for server management. According to the Fortbridge report, the core of the vulnerability lies in using the bash $RANDOM ...
1 month ago Cybersecuritynews.com
CVE-2024-36886 - In the Linux kernel, the following vulnerability has been resolved: ...
4 months ago
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
7 months ago Cisa.gov
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
7 months ago Cisa.gov
CVE-2020-8023 - A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of ...
4 years ago
CVE-2020-8022 - A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise ...
3 years ago
CVE-2020-26253 - Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.3.6, and Kirby Panel before version 2.5.14 there is a vulnerability in which the admin panel may be accessed if hosted on a .dev domain. In order to protect new installations on public ...
3 years ago
CVE-2019-18904 - A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux ...
4 years ago
Any.RUN Sandbox Now Expanded to Analyze Linux Malware - The ANY.RUN sandbox has now been updated with support for Linux, further enhancing its ability to provide an isolated and secure environment for malware analysis and threat hunting. ANY.RUN allows malware analysts, SOC members, and DFIR team members ...
9 months ago Gbhackers.com
CVE-2020-11711 - An issue was discovered in Stormshield SNS 3.8.0. Authenticated Stored XSS in the admin login panel leads to SSL VPN credential theft. A malicious disclaimer file can be uploaded from the admin panel. The resulting file is rendered on the ...
1 year ago
CVE-2019-3695 - A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools ...
4 years ago
CVE-2019-3696 - A Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module ...
4 years ago
Securing Your CentOS Web Panel to Prevent RCE Exploitation - Data security is essential for all web applications, particularly those hosting sensitive information. When it comes to protecting against remote code execution (RCE) exploitation, it is important to understand the inherent vulnerabilities of the ...
1 year ago Securityaffairs.com
CVE-2011-4543 - Multiple directory traversal vulnerabilities in osCommerce 3.0.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) set or (2) module parameter to (a) ...
6 years ago
CVE-2022-36037 - kirby is a content management system (CMS) that adapts to many different projects and helps you build your own ideal interface. Cross-site scripting (XSS) is a type of vulnerability that allows execution of any kind of JavaScript code inside the ...
2 years ago
2FA-less GitLab users vulnerable to account takeovers The Register - GitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed. Tracked as CVE-2023-7028, the maximum-severity bug exploits a change introduced in version 16.1.0 back in May ...
9 months ago Go.theregister.com
Embedded Linux IoT Security: Defending Against Cyber Threats - Embedded Linux IoT systems are now essential parts of many different kinds of products, from industrial machinery and smart appliances to medical equipment and automobile systems. As Embedded Linux is being used widely, it has attracted the attention ...
9 months ago Securityboulevard.com
Exploited Control Web Panel Flaw Added to CISA ‘Must Patch’ List - Control Web Panel (CWP), an open source web hosting panel, has had a critical vulnerability added to CISA’s ‘must patch’ list. According to cybersecurity experts, the flaw is actively being exploited in the wild, making it a serious threat that ...
1 year ago Securityweek.com
How the FBI seized BlackCat ransomware's servers - An unsealed FBI search warrant revealed how law enforcement hijacked the ALPHV/BlackCat ransomware operations websites and seized the associated URLs. Today, the US Department of Justice confirmed that they seized websites for the ALPHV ransomware ...
10 months ago Bleepingcomputer.com
CVE-2020-10966 - In the Password Reset Module in VESTA Control Panel through 0.9.8-25 and Hestia Control Panel before 1.1.1, Host header manipulation leads to account takeover because the victim receives a reset URL containing an attacker-controlled server name. ...
2 years ago
Experts from the United Nations Report North Korean Hackers Have Taken a Large Amount of Digital Assets - Last year, North Korean hackers working for the government stole a record-breaking amount of virtual assets estimated to be worth between $630 million and more than $1 billion, according to a new report from U.N. experts. The panel of experts said ...
1 year ago Securityweek.com
CVE-2021-41129 - Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. A malicious user can modify the contents of a `confirmation_token` input during the two-factor authentication process to reference a cache value not ...
11 months ago
D-Link D-View 8 Unauthenticated Probe-Core Server Communication - A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. An unauthenticated remote attacker can register a host of his/her choice as a Probe server by sending ...
10 months ago Tenable.com
CVE-2021-32735 - Kirby is a content management system. In Kirby CMS versions 3.5.5 and 3.5.6, the Panel's `ListItem` component (used in the pages and files section for example) displayed HTML in page titles as it is. This could be used for cross-site scripting ...
3 years ago
CVE-2024-46782 - In the Linux kernel, the following vulnerability has been resolved: ila: call nf_unregister_net_hooks() sooner syzbot found an use-after-free Read in ila_nf_input [1] Issue here is that ila_xlat_exit_net() frees the rhashtable, then call ...
1 month ago Tenable.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)