Platform
go
Component
github.com/1panel-dev/1panel
Fixed in
2.0.16
CVE-2025-34429 describes a cross-site request forgery (CSRF) vulnerability discovered in 1Panel, a web hosting control panel. This flaw allows attackers to manipulate the web port configuration, potentially leading to service disruption and loss of access. The vulnerability impacts versions 1.10.33 through 2.0.15. A fix is expected in a future release.
The primary impact of this CSRF vulnerability is the ability for an attacker to modify the port on which the 1Panel web service listens. By crafting a malicious webpage and enticing an authenticated user to visit it, an attacker can trigger a port change request. This change effectively redirects traffic away from the original port, rendering the service inaccessible on that port. This can lead to significant service disruption, impacting users and potentially causing data loss if the original port was critical for specific functionalities. While the vulnerability doesn't directly expose sensitive data, the resulting service disruption could be leveraged for denial-of-service (DoS) attacks or as a precursor to further exploitation.
CVE-2025-34429 was publicly disclosed on December 10, 2025. No public proof-of-concept (PoC) code has been released at the time of writing. The vulnerability's severity is rated HIGH (7.1) according to CVSS. It is not currently listed on the CISA KEV catalog. Active exploitation is not confirmed, but the ease of exploitation inherent in CSRF vulnerabilities suggests potential for future campaigns.
Exploit Status
EPSS
0.03% (7% percentile)
CISA SSVC
CVSS Vector
The immediate mitigation for CVE-2025-34429 involves implementing robust CSRF defenses. While a patched version is the ultimate solution, temporary workarounds include configuring a Web Application Firewall (WAF) to block suspicious port change requests. Specifically, WAF rules should be configured to inspect the Origin and Referer headers of requests to the port-change endpoint, rejecting requests from unexpected origins. Additionally, implementing Origin/Referer validation within the 1Panel application itself, even as a temporary measure, can significantly reduce the attack surface. Until a patch is available, restrict access to the port configuration functionality to trusted users and networks. After a future upgrade, confirm the vulnerability is resolved by attempting a CSRF attack on the port-change endpoint and verifying that the request is rejected.
Update 1Panel to a version later than 2.0.15. This will fix the CSRF vulnerability in the web port configuration. Ensure you download the latest version from the project's official website or GitHub repository.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-34429 is a cross-site request forgery (CSRF) vulnerability in 1Panel versions 1.10.33 - 2.0.15, allowing attackers to change the web service port.
You are affected if you are running 1Panel versions 1.10.33 through 2.0.15 and have not applied a patch or implemented mitigating controls.
Upgrade to a patched version of 1Panel when available. Until then, implement WAF rules and Origin/Referer validation to mitigate the risk.
Active exploitation is not currently confirmed, but the vulnerability's nature suggests potential for future attacks.
Refer to the 1Panel official website and security advisories for updates and patch information.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your go.mod file and we'll tell you instantly if you're affected.