Zero-day vulnerability in Vesta Control Panel

Backdoor

VestaCP repository was compromised around May 2018 and contained malware at least until June 2018. As a result, user's credentials, generated by VestaCP, and other information were stolen by the attackers.

Known malware:

Linux/ChachaDDoS

Vulnerability details

Advisory: SB2018101908 - Backdoor in Vesta Control Panel

Vulnerable component: Vesta Control Panel

CVE-ID:

CVSSv3 score: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C

CWE-ID: CWE-912 - Hidden Functionality (Backdoor)

Description:

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to presence of a backdoor code in the official vendor's repository since May 2018 until at least June 2018. All users that installed vesta panel between May and June are affected.

Vulnerability Scanning SaaS

Vulnerability scanning SaaS service is online 3-rd generation vulnerability scanner with scheduled assessments and vulnerability subscription. You can use service to check security of your network perimeter.