CVE-2024-54679 is a vulnerability identified in CyberPanel, an open-source web hosting control panel, where the restartMySQL action does not enforce the required FilemanagerAdmin capability prior to commit 6778ad1. This lack of proper authorization checking allows users with limited privileges (PR:L) to restart the MySQL service without possessing administrative rights. The vulnerability is categorized under CWE-862, indicating missing authorization controls. The CVSS v3.1 base score is 4.3 (medium), reflecting that the attack vector is network-based (AV:N), requires low privileges (PR:L), no user interaction (UI:N), and impacts availability (A:L) but not confidentiality or integrity. Restarting MySQL unexpectedly can cause temporary service disruption, potentially affecting hosted websites and applications relying on the database. No known exploits have been reported in the wild, and no specific affected versions are listed beyond the indication that versions before commit 6778ad1 are vulnerable. The vulnerability was published on December 5, 2024, and no official patches or mitigations have been linked yet.

The primary impact of this vulnerability is on the availability of MySQL services managed through CyberPanel. Unauthorized users with limited privileges can restart the MySQL service, causing temporary downtime or service interruptions for websites and applications relying on the database. This can lead to degraded user experience, potential loss of business continuity, and increased operational costs due to unplanned service disruptions. While confidentiality and integrity are not directly affected, the ability to disrupt database availability can be leveraged in broader attack scenarios such as denial-of-service or to create windows for further exploitation. Organizations relying on CyberPanel for web hosting management are at risk, especially if they allow access to users with limited privileges without strict network segmentation or monitoring.

To mitigate this vulnerability, organizations should first identify if their CyberPanel installations are running versions prior to commit 6778ad1 and upgrade to the latest version that includes the authorization fix once available. In the absence of an official patch, administrators should restrict access to CyberPanel interfaces to trusted users only and enforce strict role-based access controls, ensuring that only authorized administrators have the ability to perform service restarts. Network-level controls such as IP whitelisting and firewall rules should be implemented to limit access to the CyberPanel management interface. Monitoring and alerting on unusual restart events of MySQL services can help detect exploitation attempts. Additionally, consider isolating the management interface from public networks and using VPNs or secure tunnels for administrative access. Regularly review user privileges and audit logs to detect any unauthorized actions.