CNNVD-202512-1945 Information

CNNVD ID

CNNVD-202512-1945

Related CVE

CVE-2025-34429

• CNNVD Published: 2025-12-10

Description (Chinese)

1Panel是中国1Panel社区的一个开源的Linux服务器运维管理面板。 1Panel 1.10.33版本至2.0.15版本存在跨站请求伪造漏洞，该漏洞源于Web端口配置功能未实施CSRF防护，可能导致服务中断或拒绝服务。

Description (English)

1 Panel is an open-source Linux server management panel for a Panel community in China. Versions 1 Panel 1.10.33 to 2.0.15 contain a false gap in cross-site requests, which results from the failure of the Web port configuration function to implement CSRF protection, which may lead to the interruption or denial of services.

Hazard Level

High

Vulnerability Type

跨站请求伪造

Affected Vendor

1Panel

Published

2025-12-10

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/1panel-csrf-web-port-configuration-change https://1panel.pro/ https://github.com/1Panel-dev/1Panel/releases https://access.redhat.com/security/cve/cve-2025-34429