aaPanel Vulnerability scope

Web Hosting Control Panels are becoming increasingly popular as a online accessible tool for managing a website, the web hosting account, and sometimes the server and with the rise of their popularity, comes a potential risk.

aaPanel is a free, open source, powerful control panel, can manage the web server through web-base GUI (Graphical User Interface). aaPanel provides a one-click function such as one-click install LNMP/LAMP developing environment and software.

We are currently looking for the following items on aaPanel:

  • Code/command execution
  • Authentication bypass
  • Command injection

Think you figured out how to run unauthenticated commands on aaPanel? We are looking for you! Found something not on this list? We still want to buy it!