CNNVD-202601-2874 Information

CNNVD ID

CNNVD-202601-2874

Related CVE

CVE-2021-47794

• CNNVD Published: 2026-01-16

Description (Chinese)

ZesleCP是加拿大Zesle公司的一个Linux服务器控制面板软件。 ZesleCP 3.1.9版本存在操作系统命令注入漏洞，该漏洞源于身份验证后远程代码执行，可能导致创建恶意FTP账户并执行反向Shell命令。

Description (English)

ZesleCP is a Linux server control panel software from Zesle, Canada. Version ZesleCP 3.1.9 contains a loophole in the operating system command, which arises from the remote code execution after authentication, which may result in the creation of a malicious FTP account and the implementation of a reverse Shell command.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

Zesle

Published

2026-01-16

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/50233 https://www.vulncheck.com/advisories/zeslecp-remote-code-execution-rce-authenticated https://www.youtube.com/watch?v=5lTDTEBVq-0 https://zeslecp.com/

Patch

https://zeslecp.com/changelog