cvedb.io
CVE-2023-0391
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2023-03-21T20:15:11.683 · Last modified 2026-06-17T05:25:25.947

Summary

MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the administrative interface, shared across every installation of CloudPanel. This behavior was observed in version 2.2.0. There has been no indication from the vendor this has been addressed in version 2.2.1.

Affected products

mgt-commerce — cloudpanel

Does this affect you?

Add your gear to cvedb and we'll alert you only when mgt-commerce ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.