CNNVD-202512-1946 Information

CNNVD ID

CNNVD-202512-1946

Related CVE

CVE-2025-34430

• CNNVD Published: 2025-12-10

Description (Chinese)

1Panel是中国1Panel社区的一个开源的Linux服务器运维管理面板。 1Panel 110.33版本至2.0.15版本存在跨站请求伪造漏洞，该漏洞源于面板名称管理功能未实施CSRF防护，可能导致面板名称被任意更改。

Description (English)

1 Panel is an open-source Linux server management panel for a Panel community in China. Versions 1 Panel 110.33 to 2.0.15 contain a false gap in cross-site requests resulting from the failure of the panel name management function to implement CSRF protections, which could lead to arbitrary changes in panel names.

Hazard Level

High

Vulnerability Type

跨站请求伪造

Affected Vendor

1Panel

Published

2025-12-10

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/1panel-csrf-panel-name-modification https://1panel.pro/ https://github.com/1Panel-dev/1Panel/releases https://access.redhat.com/security/cve/cve-2025-34430