Summary
Unauthorized access refers to the ability to bypass the system's preset permission settings to access some API interfaces. The attack exploits a flaw in how online applications handle routing permissions.
Affected Version
<= v1.6.3
Patches
The vulnerability has been fixed in v1.6.4.
1Panel-dev/KubePi@0c6774b
Workarounds
It is recommended to upgrade the version to v1.6.4.
For more information
If you have any questions or comments about this advisory, please open an issue.
References
https://github.com/KubeOperator/KubePi/releases/tag/v1.6.4
References
Summary
Unauthorized access refers to the ability to bypass the system's preset permission settings to access some API interfaces. The attack exploits a flaw in how online applications handle routing permissions.
Affected Version
<= v1.6.3
Patches
The vulnerability has been fixed in v1.6.4.
1Panel-dev/KubePi@0c6774b
Workarounds
It is recommended to upgrade the version to v1.6.4.
For more information
If you have any questions or comments about this advisory, please open an issue.
References
https://github.com/KubeOperator/KubePi/releases/tag/v1.6.4
References