CVE-2019-12792

2019-08-1520:39:26

mitre

www.cve.org

AI Score

Confidence

High

EPSS

0.004

Percentile

72.5%

JSON

A command injection vulnerability in UploadHandler.php in Vesta Control Panel 0.9.8-24 allows remote attackers to escalate from regular registered users to root.

References

cardaci.xyz/advisories/2019/08/12/vesta-control-panel-0.9.8-24-privilege-escalation-in-the-upload-handler/

github.com/serghey-rodin/vesta/issues/1921