Main Vulnerability Database Vulnerabilities #VU15447

#VU15447 Backdoor in Vesta Control Panel

Published: October 19, 2018

Vulnerability identifier: #VU15447

Vulnerability risk: Critical

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red

CVE-ID: N/A

CWE-ID: CWE-912

Exploitation vector: Remote access

Exploit availability: The vulnerability is being exploited in the wild

Vulnerable software:
Vesta Control Panel

Software vendor:
Vesta Control Panel

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to presence of a backdoor code in the official vendor's repository since May 2018 until at least June 2018. All users that installed vesta panel between May and June are affected.

Remediation

Install the latest version from vendor's website.

External links

https://www.welivesecurity.com/2018/10/18/new-linux-chachaddos-malware-distributed-servers-vestacp-i...
https://forum.vestacp.com/viewtopic.php?f=10&t=17641&start=180#p73907
https://forum.vestacp.com/viewtopic.php?f=10&t=17641&start=180#p73920