{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-53534", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-07-02T15:15:11.515Z", "datePublished": "2025-08-05T20:58:56.350Z", "dateUpdated": "2025-08-06T19:21:42.760Z"}, "containers": {"cna": {"title": "RatPanel can perform remote command execution without authorization", "problemTypes": [{"descriptions": [{"cweId": "CWE-305", "lang": "en", "description": "CWE-305: Authentication Bypass by Primary Weakness", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/tnborg/panel/security/advisories/GHSA-fm3m-jrgm-5ppg", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/tnborg/panel/security/advisories/GHSA-fm3m-jrgm-5ppg"}, {"name": "https://github.com/tnborg/panel/commit/ed5c74c7534230ba685273504af4c1e1e3598ff1", "tags": ["x_refsource_MISC"], "url": "https://github.com/tnborg/panel/commit/ed5c74c7534230ba685273504af4c1e1e3598ff1"}, {"name": "https://github.com/tnborg/panel/releases/tag/v2.5.6", "tags": ["x_refsource_MISC"], "url": "https://github.com/tnborg/panel/releases/tag/v2.5.6"}], "affected": [{"vendor": "tnb-labs", "product": "panel", "versions": [{"version": ">= 2.3.19, < 2.5.6", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-08-05T20:58:56.350Z"}, "descriptions": [{"lang": "en", "value": "RatPanel is a server operation and maintenance management panel. In versions 2.3.19 through 2.5.5, when an attacker obtains the backend login path of RatPanel (including but not limited to weak default paths, brute-force cracking, etc.), they can execute system commands or take over hosts managed by the panel without logging in. In addition to this remote code execution (RCE) vulnerability, the flawed code also leads to unauthorized access. RatPanel uses the CleanPath middleware provided by github.com/go-chi/chi package to clean URLs, but but the middleware does not process r.URL.Path, which can cause the paths to be misinterpreted. This is fixed in version 2.5.6."}], "source": {"advisory": "GHSA-fm3m-jrgm-5ppg", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/tnborg/panel/security/advisories/GHSA-fm3m-jrgm-5ppg", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-06T19:20:45.629155Z", "id": "CVE-2025-53534", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-06T19:21:42.760Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-53534", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-08-06T19:20:45.629155Z"}}}], "references": [{"url": "https://github.com/tnborg/panel/security/advisories/GHSA-fm3m-jrgm-5ppg", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-06T16:14:53.446Z"}}], "cna": {"title": "RatPanel can perform remote command execution without authorization", "source": {"advisory": "GHSA-fm3m-jrgm-5ppg", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 7.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "tnb-labs", "product": "panel", "versions": [{"status": "affected", "version": ">= 2.3.19, < 2.5.6"}]}], "references": [{"url": "https://github.com/tnborg/panel/security/advisories/GHSA-fm3m-jrgm-5ppg", "name": "https://github.com/tnborg/panel/security/advisories/GHSA-fm3m-jrgm-5ppg", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/tnborg/panel/commit/ed5c74c7534230ba685273504af4c1e1e3598ff1", "name": "https://github.com/tnborg/panel/commit/ed5c74c7534230ba685273504af4c1e1e3598ff1", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/tnborg/panel/releases/tag/v2.5.6", "name": "https://github.com/tnborg/panel/releases/tag/v2.5.6", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "RatPanel is a server operation and maintenance management panel. In versions 2.3.19 through 2.5.5, when an attacker obtains the backend login path of RatPanel (including but not limited to weak default paths, brute-force cracking, etc.), they can execute system commands or take over hosts managed by the panel without logging in. In addition to this remote code execution (RCE) vulnerability, the flawed code also leads to unauthorized access. RatPanel uses the CleanPath middleware provided by github.com/go-chi/chi package to clean URLs, but but the middleware does not process r.URL.Path, which can cause the paths to be misinterpreted. This is fixed in version 2.5.6."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-305", "description": "CWE-305: Authentication Bypass by Primary Weakness"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-08-05T20:58:56.350Z"}}}, "cveMetadata": {"cveId": "CVE-2025-53534", "state": "PUBLISHED", "dateUpdated": "2025-08-06T19:21:42.760Z", "dateReserved": "2025-07-02T15:15:11.515Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-08-05T20:58:56.350Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "RatPanel is a server operation and maintenance management panel. In versions 2.3.19 through 2.5.5, when an attacker obtains the backend login path of RatPanel (including but not limited to weak default paths, brute-force cracking, etc.), they can execute system commands or take over hosts managed by the panel without logging in. In addition to this remote code execution (RCE) vulnerability, the flawed code also leads to unauthorized access. RatPanel uses the CleanPath middleware provided by github.com/go-chi/chi package to clean URLs, but but the middleware does not process r.URL.Path, which can cause the paths to be misinterpreted. This is fixed in version 2.5.6."}, {"lang": "es", "value": "RatPanel es un panel de gesti\u00f3n de operaciones y mantenimiento de servidores. En las versiones 2.3.19 a 2.5.5, cuando un atacante obtiene la ruta de acceso del backend de RatPanel (incluyendo, entre otras, rutas predeterminadas d\u00e9biles, ataques de fuerza bruta, etc.), puede ejecutar comandos del sistema o tomar el control de los hosts administrados por el panel sin iniciar sesi\u00f3n. Adem\u00e1s de esta vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE), el c\u00f3digo defectuoso tambi\u00e9n permite accesos no autorizados. RatPanel utiliza el middleware CleanPath, proporcionado por el paquete github.com/go-chi/chi, para limpiar las URL, pero este middleware no procesa r.URL.Path, lo que puede provocar la malinterpretaci\u00f3n de las rutas. Esto se solucion\u00f3 en la versi\u00f3n 2.5.6."}], "id": "CVE-2025-53534", "lastModified": "2025-08-06T20:23:52.133", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2025-08-05T21:15:38.897", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/tnborg/panel/commit/ed5c74c7534230ba685273504af4c1e1e3598ff1"}, {"source": "security-advisories@github.com", "url": "https://github.com/tnborg/panel/releases/tag/v2.5.6"}, {"source": "security-advisories@github.com", "url": "https://github.com/tnborg/panel/security/advisories/GHSA-fm3m-jrgm-5ppg"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/tnborg/panel/security/advisories/GHSA-fm3m-jrgm-5ppg"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-305"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}