CVE-2019-14782
published 2019-12-17CVE-2019-14782: CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to get a victim's session file name from the /tmp directory, and…
PriorityP335medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
1.38%
68.7th percentile
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to get a victim's session file name from the /tmp directory, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to make a request to extract the victim's password (for the OS and phpMyAdmin) via an attacker account.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| control-webpanel | webpanel | 0.9.8.856 – 0.9.8.864 | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-m755-m8m9-q8v4: CentOS-WebPanel
ghsa_unreviewed·2022-05-24
CVE-2019-14782 [MEDIUM] CWE-532 GHSA-m755-m8m9-q8v4: CentOS-WebPanel
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to get a victim's session file name from the /tmp directory, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to make a request to extract the victim's password (for the OS and phpMyAdmin) via an attacker account.
GHSA
GHSA-m26q-9xvw-wxfg: CentOS-WebPanel
ghsa_unreviewed·2022-05-24·CVSS 6.5
CVE-2019-15235 [MEDIUM] CWE-532 GHSA-m26q-9xvw-wxfg: CentOS-WebPanel
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's session file name from /home/[USERNAME]/tmp/session/sess_xxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to gain access to the victim's password (for the OS and phpMyAdmin) via an attacker account. This is different from CVE-2019-14782.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://centos-webpanel.com/changelog-cwp7https://packetstormsecurity.com/files/155676/Control-Web-Panel-0.9.8.864-phpMyAdmin-Password-Disclosure.htmlhttps://centos-webpanel.com/changelog-cwp7https://packetstormsecurity.com/files/155676/Control-Web-Panel-0.9.8.864-phpMyAdmin-Password-Disclosure.html
2019-12-17
Published