Client Application Firewall
CentOS.Web.Panel.login.Command.Injection
Description
This indicates an attack attempt to exploit a Command Injection vulnerability in CentOS Web Panel.
The vulnerability is due to insufficient sanitizing of user-supplied inputs in the application. A remote attacker can exploit this to execute arbitrary commands on a vulnerable server.
Outbreak Alert
A command injection vulnerability that allows remote attackers to easily exploit CWP (Control Web Panel) with a crafted HTTP request which can result in Remote Code Execution. According to Shodan, there are thousands of servers that could still be vulnerable to CVE-2022-44877. This vulnerability can be leveraged to perform ransomware attacks or exfiltration of data.
Affected Products
CWP (Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the latest update from the vendor.
https://control-webpanel.com/
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2023-03-07 | 23.507 |
| ID | 52548 |
| Created | Jan 17, 2023 |
| Updated | Mar 03, 2023 |
| Outbreak Alert | CWP OS Command Injection |
| Threat Signal | View Report |
| Risk |
|
| CVE ID | CVE-2022-44877 |
| Known Exploited | Yes |
| Exploit Prediction Score | 97.37% |
| Default Action | drop |
| Affected OS | Linux |
| Affected App | Other |