CVE-2025-54424: 1Panel agent certificate verification bypass leading to arbitrary command execution
(updated )
- First, we introduce the concepts of 1panel v2 Core and Agent. After the new version is released, 1panel adds the node management function, which allows you to control other hosts by adding nodes.
- The HTTPS protocol used for communication between the Core and Agent sides did not fully verify the authenticity of the certificate during certificate verification, resulting in unauthorized interfaces. The presence of a large number of command execution or high-privilege interfaces in the 1panel led to RCE.
References
- github.com/1Panel-dev/1Panel
- github.com/1Panel-dev/1Panel/pull/9698/commits/4003284521f8d31ddaf7215d1c30ab8b4cdb0261
- github.com/1Panel-dev/1Panel/releases/tag/v2.0.6
- github.com/1Panel-dev/1Panel/security/advisories/GHSA-8j63-96wh-wh3j
- github.com/advisories/GHSA-8j63-96wh-wh3j
- nvd.nist.gov/vuln/detail/CVE-2025-54424
Code Behaviors & Features
Detect and mitigate CVE-2025-54424 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →