Main Vulnerability Database Exploits ID:5911 - Exploit for Improper Authentication in CentOS Web Panel - CVE-2019-13605

ID:5911 - Exploit for Improper Authentication in CentOS Web Panel - CVE-2019-13605

Published: June 17, 2021

Vulnerability identifier: #VU35710

Vulnerability risk: High

CVE-ID: CVE-2019-13605

CWE-ID: CWE-287

Exploitation vector: Remote access

Vulnerable software:
CentOS Web Panel

Link to public exploit:

https://www.exploit-db.com/exploits/47123/

Vulnerability description

The vulnerability allows a remote authenticated user to execute arbitrary code.

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can bypass authentication in the login process by leveraging the knowledge of a valid username. The attacker must defeat an encoding that is not equivalent to base64, and thus this is different from CVE-2019-13360.

Remediation

Install update from vendor's website.

ID:5911 - Exploit for Improper Authentication in CentOS Web Panel - CVE-2019-13605

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human