Cyber Resilience

CVE-2024-53584

CriticalPublic PoCRCE

Published: 31 January 2025

Published
31 January 2025
Modified
23 May 2025
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0392 88.6th percentile
Risk Priority 22 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-53584 is a critical-severity OS Command Injection (CWE-78) vulnerability in Openpanel Openpanel. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 11.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

OpenPanel version 0.3.4 contains an OS command injection vulnerability (CWE-78) that is exposed through the timezone parameter. The flaw received a CVSS 3.1 score of 9.8, reflecting network attackability without authentication or user interaction and full impact on confidentiality, integrity, and availability.

An unauthenticated remote attacker can supply a crafted timezone value that results in arbitrary operating-system command execution on the underlying host. Successful exploitation grants the attacker the ability to run commands with the privileges of the OpenPanel process, enabling complete system compromise.

The vendor addressed the issue in OpenPanel 0.3.5, as noted in the project changelog under security fixes. Exploitation probability (EPSS) rose from a low baseline to a peak of 0.1199 on 2025-12-11 before receding to the current value of 0.0392, indicating a period of increased interest following disclosure.

EU & UK References

Vulnerability details

OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1059.004 Unix Shell Execution
Adversaries may abuse Unix shell commands and scripts for execution.
Why these techniques?

OS command injection in public-facing web panel (OpenPanel) directly enables remote unauthenticated exploitation of a public-facing application (T1190) resulting in arbitrary Unix shell command execution (T1059.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-53537Same product: Openpanel Openpanel
CVE-2024-53582Same product: Openpanel Openpanel
CVE-2025-25871Same product: Openpanel Openpanel
CVE-2026-42454Shared CWE-78
CVE-2026-34796Shared CWE-78
CVE-2024-57016Shared CWE-78
CVE-2025-50475Shared CWE-78
CVE-2024-57015Shared CWE-78
CVE-2026-36828Shared CWE-78
CVE-2024-57595Shared CWE-78

Affected Assets

openpanel
openpanel
0.3.4

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly prevents OS command injection by requiring validation and neutralization of untrusted inputs like the timezone parameter.

prevent

Mitigates the vulnerability through timely identification, reporting, and patching of flaws, as evidenced by the fix in OpenPanel v0.3.5.

prevent

Limits the potential damage from successful command injection by enforcing least privilege on processes handling the vulnerable parameter.

References