CentOS.Web.Panel.login.Command.Injection
Description
This indicates an attack attempt to exploit a Command Injection vulnerability in CentOS Web Panel.
The vulnerability is due to insufficient sanitizing of user-supplied inputs in the application. A remote attacker can exploit this to execute arbitrary commands on a vulnerable server.
Outbreak Alert
A command injection vulnerability that allows remote attackers to easily exploit CWP (Control Web Panel) with a crafted HTTP request which can result in Remote Code Execution. According to Shodan, there are thousands of servers that could still be vulnerable to CVE-2022-44877. This vulnerability can be leveraged to perform ransomware attacks or exfiltration of data.
Affected Products
CWP (Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the latest update from the vendor.
https://control-webpanel.com/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2023-03-06 | 23.506 | Default_action:pass:drop |
2023-02-07 | 22.490 | Sig Added |
2023-01-19 | 22.480 | Sig Added |
2023-01-18 | 22.479 |