Description
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to get a victim's session file name from the /tmp directory, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to make a request to extract the victim's password (for the OS and phpMyAdmin) via an attacker account.
References
- Release Notes (Vendor Advisory)
- Exploit (Third Party Advisory, VDB Entry)
Vulnerable configurations
Configuration 1: versions from 0.9.8.856 (inclusive) to 0.9.8.864 (inclusive)
cpe:2.3:a:control-webpanel:webpanel:*:*:*:*:*:*:*:*
EPSS
Percentile: 61%
Score: 0.00419
Low
CVSS3: 6.5 Medium
CVSS2: 4 Medium
Weaknesses
CWE-532
Related vulnerabilities
CVSS3: 6.5
github
more than 3 years ago