Serghey Rodin

5 exploits Active since Jun 2015
CVE-2018-25117 WRITEUP CRITICAL WRITEUP
Vesta Control Panel a3f0fa1-ee03eff - Embedded Malicious Code via Compromised Installer
VestaCP commit a3f0fa1 (2018-05-31) up to commit ee03eff (2018-06-13) contain embedded malicious code that resulted in a supply-chain compromise. New installations created from the compromised installer since at least May 2018 were subject to installation of Linux/ChachaDDoS, a multi-stage DDoS bot that uses Lua for second- and third-stage components. The compromise leaked administrative credentials (base64-encoded admin password and server domain) to an external URL during installation and/or resulted in the installer dropping and executing a DDoS malware payload under local system privileges. Compromised servers were subsequently observed participating in large-scale DDoS activity. Vesta acknowledged exploitation in the wild in October 2018.
CVE-2018-25117 WRITEUP CRITICAL WRITEUP
Vesta Control Panel a3f0fa1-ee03eff - Embedded Malicious Code via Compromised Installer
VestaCP commit a3f0fa1 (2018-05-31) up to commit ee03eff (2018-06-13) contain embedded malicious code that resulted in a supply-chain compromise. New installations created from the compromised installer since at least May 2018 were subject to installation of Linux/ChachaDDoS, a multi-stage DDoS bot that uses Lua for second- and third-stage components. The compromise leaked administrative credentials (base64-encoded admin password and server domain) to an external URL during installation and/or resulted in the installer dropping and executing a DDoS malware payload under local system privileges. Compromised servers were subsequently observed participating in large-scale DDoS activity. Vesta acknowledged exploitation in the wild in October 2018.
CVE-2015-2861 WRITEUP WRITEUP
Vesta Control Panel < 0.9.8-14 - Cross-Site Request Forgery
Cross-site request forgery (CSRF) vulnerability in Vesta Control Panel before 0.9.8-14 allows remote attackers to hijack the authentication of arbitrary users.
CVE-2018-1000884 WRITEUP CRITICAL WRITEUP
Vesta CP <0.9.8-18 - Info Disclosure
Vesta CP version Prior to commit f6f6f9cfbbf2979e301956d1c6ab5c44386822c0 -- any release prior to 0.9.8-18 contains a CWE-208 / Information Exposure Through Timing Discrepancy vulnerability in Password reset code -- web/reset/index.php, line 51 that can result in Possible to determine password reset codes, attacker is able to change administrator password. This attack appear to be exploitable via Unauthenticated network connectivity. This vulnerability appears to have been fixed in After commit f6f6f9cfbbf2979e301956d1c6ab5c44386822c0 -- release version 0.9.8-19.
CVSS 9.8
CVE-2019-9841 WRITEUP MEDIUM WRITEUP
Vesta Control Panel <0.9.8-23 - XSS
Vesta Control Panel 0.9.8-23 allows XSS via a crafted URL.
CVSS 6.1