CVE-2023-46157 Information

Description

File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755.

Reference

https://www.cloudpanel.io/docs/v2/changelog/ https://www.mgt-commerce.com/docs/mgt-cloudpanel/dashboard