Description
An Improper Authorization (Access Control Misconfiguration) vulnerability in MGT-COMMERCE GmbH CloudPanel v2.0.0 to v2.4.2 allows low-privilege users to bypass access controls and gain unauthorized access to sensitive configuration files and administrative functionality.
Exploits (1)
nomisec
WRITEUP
1 stars
by josephgodwinkimani · poc
https://github.com/josephgodwinkimani/cloudpanel-2.4.2-CVE-2024-44765-recovery
Scores
CVSS v3
6.5
EPSS
0.0272
EPSS Percentile
86.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-863
Status
published
Published
Nov 08, 2024
Tracked Since
Feb 18, 2026