CVE-2021-47871

HIGH

Hestia Control Panel 1.3.2 - File Write

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-47871. PoCs published by numan türle.

AI-analyzed exploit summary: This exploit leverages an arbitrary file write vulnerability in Hestia Control Panel by abusing the `v-make-tmp-file` API command to overwrite the `authorized_keys` file, enabling SSH access. The PoC uses a simple curl command to demonstrate the vulnerability.

Description

Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific file paths on the server.

Exploits (1)

exploitdb WORKING POC
by numan türle · text · webapps · php
https://www.exploit-db.com/exploits/49667


Classification: Working PoC (95%)
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: Hestia Control Panel < 1.3.3
Auth required
Prerequisites: Valid API key for Hestia Control Panel · Access to the API endpoint
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/49667
Various Sources product
https://hestiacp.com/
Various Sources product
https://github.com/hestiacp/hestiacp

Scores

CVSS v3 8.8
EPSS 0.0042
EPSS Percentile 33.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-73
Status published
Products (1)
Hestia Control Panel/Hestia Control Panel 1.3.3
Published Jan 21, 2026
Tracked Since Feb 18, 2026