CVE-2020-36948

CRITICAL

VestaCP 0.9.8-26 - Incorrect Authorization via LoginAs Session Token Manipulation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-36948. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary: This exploit demonstrates an insufficient session validation vulnerability in VestaCP 0.9.8-26, allowing remote attackers to bypass authentication by manipulating the 'token' parameter in the 'LoginAs' module. The PoC shows how an attacker can access user or admin accounts without proper authorization.

Description

VestaCP 0.9.8-26 contains a session token vulnerability in the LoginAs module that allows remote attackers to manipulate authentication tokens. Attackers can exploit insufficient token validation to access user accounts and perform unauthorized login requests without proper administrative permissions.

Exploits (1)

exploitdb · WORKING POC
by Vulnerability-Lab · text · webapps · multiple
https://www.exploit-db.com/exploits/49219

Classification
Working PoC: 90%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: VestaCP v0.9.8-26
Authentication: none needed
Prerequisites: Access to the VestaCP login page · Valid user account name to target
Analyzed by devstral-2 on Feb 16, 2026

References (5)

Core References
Product (various sources): https://vestacp.com/
Technical description, exploit (various sources): https://www.vulnerability-lab.com/get_content.php?id=2240
Exploit, Third Party Advisory: https://www.exploit-db.com/exploits/49219

Scores

CVSS v3: 9.8
EPSS: 0.0056
EPSS Percentile: 42.1%
Attack Vector: NETWORK
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC (Vulnrichment)

Exploitation: poc
Automatable: no
Technical Impact: total

Details

CWE: CWE-863
Status: published
Products (1): VestaCP/VestaCP 0.9.8-26
Published: Jan 27, 2026
Tracked Since: Feb 18, 2026