virus logo Client Application Firewall



This indicates an attack attempt to exploit a Command Injection vulnerability in CentOS Web Panel.
The vulnerability is due to insufficient sanitizing of user-supplied inputs in the application. A remote attacker can exploit this to execute arbitrary commands on a vulnerable server.

description-logoOutbreak Alert

A command injection vulnerability that allows remote attackers to easily exploit CWP (Control Web Panel) with a crafted HTTP request which can result in Remote Code Execution. According to Shodan, there are thousands of servers that could still be vulnerable to CVE-2022-44877. This vulnerability can be leveraged to perform ransomware attacks or exfiltration of data.

View the full Outbreak Alert Report

affected-products-logoAffected Products

CWP (Control Web Panel or CentOS Web Panel) 7 before

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the latest update from the vendor.

Version Updates

Date Version Detail
2023-03-07 23.507