ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation for administrative tasks. However, when misconfigured in /etc/sudoers, zsudo can be invoked by low-privileged users to execute arbitrary commands as root. This flaw enables local attackers with shell access to escalate privileges by writing a payload to a writable directory and executing it via zsudo. The vulnerability is particularly impactful in post-exploitation scenarios following web server compromise, where the attacker inherits access to zsudo.
History

Tue, 05 Aug 2025 16:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'} |


Tue, 05 Aug 2025 07:45:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| First Time appeared | | Zpanel; Zpanel zpanel |
| Vendors & Products | | Zpanel; Zpanel zpanel |

Mon, 04 Aug 2025 18:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Description | | ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation for administrative tasks. However, when misconfigured in /etc/sudoers, zsudo can be invoked by low-privileged users to execute arbitrary commands as root. This flaw enables local attackers with shell access to escalate privileges by writing a payload to a writable directory and executing it via zsudo. The vulnerability is particularly impactful in post-exploitation scenarios following web server compromise, where the attacker inherits access to zsudo. |
| Title | | ZPanel zsudo Local Privilege Escalation |
| Weaknesses | | CWE-269 |
| References | | |
| Metrics | | cvssV4_0 {'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'} |


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published: 2025-08-04T18:03:58.414Z

Updated: 2025-08-05T15:53:09.254Z

Reserved: 2025-08-01T15:15:33.216Z

Link: CVE-2013-10052

Vulnrichment

Updated: 2025-08-05T15:52:56.645Z

NVD

Status: Awaiting Analysis

Published: 2025-08-04T18:15:33.923

Modified: 2025-08-05T16:15:27.273

Link: CVE-2013-10052

Redhat

No data.