VestaCP / MyVestaCP security

Post Reply
mrcln
Posts: 4
Joined: Sun Dec 08, 2024 10:25 am

Hello,

I'm looking for a new board, I'm using several Plesk licences now. It is very expensive and on 1.1.2025 the cost will increase again. Especially because there are other costs with Immunify, Plesk extension for Centos 7,5 etc.

But now I'm reading about Vesta's exploits. For example, the last blog was
https://fortbridge.co.uk/research/vesta ... sh-random/
where they wrote that they have not received any answers at all from Vesta since 2022 for a published vulnerability:

Timeline
22/06/24 Vulnerability reported to the vendor
26/06/24 no answer from the vendor, we asked for an update
04/07/24 no answer from the vendor, we followed-up again
22/07/24 another follow-up with the vendor
30/07/24 another follow-up with the vendor
22/09/24 3 months have passed since initial disclosure
02/10/24 blog post published

So how is this resolved here? Is it fixed or with security?

Thank you very much for your reply.
Last edited by mrcln on Tue Dec 10, 2024 10:24 pm, edited 1 time in total.

Tags:
User avatar
myVesta
Site Admin
Posts: 952
Joined: Fri Jun 19, 2020 9:59 am
Has thanked: 10 times
Been thanked: 6 times

myVesta is now a totally separate project, and yes, that issue was immediately fixed in myVesta.

I think it's not fixed in Vesta.
However, I think that Vesta is building now totally new hosting panel - viewtopic.php?t=1008
mrcln
Posts: 4
Joined: Sun Dec 08, 2024 10:25 am

Hi admin, thank you, you have convinced me! I will definitely start by migrating to myvestacp
Post Reply