CNNVD-202601-2601 Information

CNNVD ID

CNNVD-202601-2601

Related CVE

CVE-2025-66292

• CNNVD Published: 2026-01-15

Description (Chinese)

Dpanel是Donknap开源的一款轻量化的 Docker 可视化管理面板，提供完善的容器管理功能。 DPanel 1.9.2之前版本存在安全漏洞，该漏洞源于/api/common/attach/delete接口存在路径遍历，可能导致任意文件删除。

Description (English)

Dpanel is a light-quantifiable Docker visualization management panel from Donknap open source, which provides a good container management function. There was a security loophole in the pre-DPanel 1.9.2 version, which originated in the /api/common/attach/delete interface, which could lead to the deletion of any file.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Donknap

Published

2026-01-15

Last Modified

2026-02-24

References

https://github.com/donknap/dpanel/commit/cbda0d90204e8212f2010774345c952e42069119 https://github.com/donknap/dpanel/releases/tag/v1.9.2 https://github.com/donknap/dpanel/security/advisories/GHSA-vh2x-fw87-4fxq

Patch

https://github.com/donknap/dpanel/releases