The US CISA added the Centos Web Panel 7 unauthenticated remote code execution flaw (CVE-2022-44877) to its .
The flaw impacts the software before 0.9.8.1147, it was addressed with the release of on October 25, 2022. The vulnerability was discovered by Numan Türle from Gais Security.
Researchers warn that threat actors are actively exploiting the vulnerability in Control Web Panel (CWP).
The exploitation attempts began on January 6, 2023, after a proof-of-concept (PoC) exploit code was published online.
“login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter.” reads the for this vulnerability.
Researchers from Grey Noise and ShadowServer confirmed that threat actors are actively exploiting the flaw.
According to , FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.
Experts recommend also private organizations review the and address the vulnerabilities in their infrastructure.
CISA orders federal agencies to fix these vulnerabilities by February 7, 2023.
Follow me on Twitter: and and Mastodon
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, CISA)
[adrotate banner=”5″]
[adrotate banner=”13″]