CVE-2021-46850
- Reference to the description:
- Description:
- myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable to command injection. An authenticated and remote administrative user can execute arbitrary commands via the v_sftp_license parameter when sending HTTP POST requests to the /edit/server endpoint.
- Last updated date:
- 08/08/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 10/25/2022
- Reference url to background
https://blog.talosintelligence.com/2021/06/necro-python-bot-adds-new-tricks.html
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 10/25/2022
- Reference url to background