CVE-2019-14729

Name of the Vulnerable Software and Affected Versions CentOS Web Panel version 0.9.8.851

Description The issue exists due to insufficient input validation in the application, allowing a remote attacker to delete a sub-domain from a user's account. This can be achieved by an attacker using their own account to exploit the insecure object reference.

Recommendations For version 0.9.8.851, consider restricting access to the sub-domain management functionality until a patch is available. As a temporary workaround, monitor user accounts for unauthorized sub-domain deletions and implement additional validation checks on input data to prevent exploitation.