← back
CVE-2019-13359

CVE-2019-13359

28Vexday Risk Score

No sign of exploitation. It has a public proof of concept.

ssvc Attendepss 26%
from disclosure to weapon0 days
Published on NVDJul 16
1st PoCJul 16
exploitation probability
26%top 2% of all CVEs
observed exploitation
nono source reports it
2 public exploit(s)
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a cwpsrv-xxx cookie allows a normal user to craft and upload a session file to the /tmp directory, and use it to become the root user.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.