CNNVD-202508-239 Information

CNNVD ID

CNNVD-202508-239

Related CVE

CVE-2013-10052

• CNNVD Published: 2025-08-04

Description (Chinese)

zpanelx是The ZPanel Project开源的一个web托管控制面板。 zpanelx存在安全漏洞，该漏洞源于zsudo配置不当，可能导致本地攻击者通过写入有效载荷并执行来提升权限。

Description (English)

Zpanelx is a web hosting control panel at the ZPanel Project open source. There is a security loophole in zpanelx, which stems from the misconfiguration of the zsudo, which may lead to local attackers increasing their authority by including payloads and implementing them.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

The ZPanel Project

Published

2025-08-04

Last Modified

2026-02-24

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/local/zpanel_zsudo.rb https://www.exploit-db.com/exploits/26451 https://github.com/zpanel/zpanelx https://www.vulncheck.com/advisories/zpanel-zsudo-local-priv-esc https://access.redhat.com/security/cve/cve-2013-10052