CSRF Vulnerability in CentOS Web Panel 0.9.8.837 Allows Unauthorized Password Change for Root Account

CVE-2019-13477 · MEDIUM Severity

CVSS v2 vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, CSRF in the forgot password function allows an attacker to change the password for the root account.