Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized DNS Record Access and Deletion

Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized DNS Record Access and Deletion

CVE-2019-14726 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to access and delete DNS records of a victim's account via an attacker account.

Learn more about our Cis Benchmark Audit For Centos Linux.