We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Vesta Control Panel 0.9.8-16 - Local Privilege Escalation
Hello,
So it seems like the current release of VestaCP is vulnerable to root escalation, which is a bit of a security concern, as if one were to compile a certain file and then execute a certain command from SSH, they could easily take over root permissions on the server.
The full report of said exploit is available here:
https://www.exploit-db.com/exploits/40953/
I suspect that this issue isn't all that hard to patch as it's only an input that's not sanitized, but I will give it a go myself in the meanwhile to get a solution to the issue.
Re: Vesta Control Panel 0.9.8-16 - Local Privilege Escalation
mainh wrote: Hello,
So it seems like the current release of VestaCP is vulnerable to root escalation, which is a bit of a security concern, as if one were to compile a certain file and then execute a certain command from SSH, they could easily take over root permissions on the server.
The full report of said exploit is available here:
https://www.exploit-db.com/exploits/40953/
I suspect that this issue isn't all that hard to patch as it's only an input that's not sanitized, but I will give it a go myself in the meanwhile to get a solution to the issue.
This exploit has been patched https://github.com/serghey-rodin/vesta/ ... be88ca5e64
bin/v-get-web-domain-value wrote:
+# Say goodbye
+echo "This script is not used anymore"
+exit
+
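Review bot: the bare `exit` at the end of this hunk returns the status of the preceding `echo`, i.e. 0, so any caller of bin/v-get-web-domain-value (including one allowed through sudo) still sees success with only the notice "This script is not used anymore" on stdout; use a non-zero status such as `exit 1` (or the project's existing error-code convention) so callers fail closed. The hunk shows additions only, so whatever followed in the script becomes unreachable dead code; since the script is declared unused, deleting the file and dropping it from any command allow-list would be cleaner than an early exit, and the unsanitized-input pattern the report describes should be checked for elsewhere rather than only retired here.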