CNNVD-202508-396 Information
CNNVD ID
CNNVD-202508-396
Related CVE
- CNNVD Published: 2025-08-05
Description (Chinese)
RatPanel(耗子面板)是树新峰(TreeNewBee)开源的一个服务器运维管理面板。 RatPanel(耗子面板)2.3.19至2.5.5版本存在安全漏洞,该漏洞源于CleanPath中间件未处理r.URL.Path,可能导致远程代码执行和未经授权访问。
Description (English)
Ratpanel (the rat panel) is a server-wide management panel that is open to TreeNewBee. There is a security loophole in versions 2.3.19 to 2.5.5 of Ratpanel (the rat panel), which originates from the unprocessed r.URL.Path in the CleanPath intermediate, which may result in remote code implementation and unauthorized access.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
树新峰
Published
2025-08-05
Last Modified
2026-02-24
References
https://github.com/tnborg/panel/security/advisories/GHSA-fm3m-jrgm-5ppg https://github.com/tnborg/panel/releases/tag/v2.5.6 https://github.com/tnborg/panel/commit/ed5c74c7534230ba685273504af4c1e1e3598ff1 https://access.redhat.com/security/cve/cve-2025-53534
Patch
https://github.com/tnborg/panel/releases
Share on: