## https://sploitus.com/exploit?id=763AC836-87A7-5068-BAA4-9FCED41D4C19
# [CVE-2024-44765](https://nvd.nist.gov/vuln/detail/CVE-2024-44765) is an Improper Authorization (Access Control Misconfiguration) vulnerability in MGT-COMMERCE GmbH CloudPanel versions 2.0.0 to 2.4.2
1. Follow instructions in every folder (this should be done locally)
2. Reset Passwords and Access
```bash
# for root
$ sudo passwd root
# while for users
$ getent passwd | grep -vE "nologin|false" | cut -d: -f1
$ sudo passwd <username>
```
3. Remove Unauthorized Access
``` bash
$ getent passwd | grep -vE "nologin|false" | cut -d: -f1
$ sudo userdel <username>
```
2. Upload `/tmp/cloudpanel/` to `/tmp/cloudpanel/`
3. Run `clp-update`
You will should see this at the end
```bash
CloudPanel has been updated to v2.5.0
```
Now you can export your databases and data files away using the panel.
4. Follow security recommendations here https://github.com/EagleTube/CloudPanel/blob/main/README.md
### Note
- Anywhere there is mention of `your new installation of cloudpanel (v2.5.0)` this assumes you have a new server with same specifications i.e. Operating system version e.g. Ubuntu 24.04 LTS in compromised server and same exact os in new clean server OR you can get the `.deb` file by running `apt download cloudpanel` go to `cloudpanel-2.5.0-source/tmp/cloudpanel` and copy that to `/tmp/cloudpanel` then see [here](https://github.com/josephgodwinkimani/CVE-2024-44765/tree/main/tmp/cloudpanel/data/cloudpanel/data) finally follow instructions from step 2 above.
- If your CloudPanel installation is compromised due to the CVE-2024-44765 vulnerability, updating to the latest version of CloudPanel should patch the vulnerability however, you should either use tools here https://github.com/josephgodwinkimani/install-cloudpanel or install afresh (recommended).
- Since this vulnerability allows an unauthenticated remote attacker to exploit the misconfiguration, potentially leading to arbitrary code execution, data tampering, or full system compromise the Best cause of action is to always recover from a trusted backup and updating CloudPanel installation from that point.
- You can scan your server before following the instructions in this repo https://pentest-tools.com/network-vulnerability-scanning/network-security-scanner-online