US CISA adds Centos Web Panel RCE CVE-2022-44877 to its Known Exploited Vulnerabilities Catalog

Pierluigi Paganini January 19, 2023

US CISA added the vulnerability CVE-2022-44877 in CentOS Control Web Panel utility to its Known Exploited Vulnerabilities Catalog.

The US CISA added the Centos Web Panel 7 unauthenticated remote code execution flaw (CVE-2022-44877) to its .

The flaw impacts the software before 0.9.8.1147, it was addressed with the release of  on October 25, 2022. The vulnerability was discovered by Numan Türle from Gais Security.

Researchers warn that threat actors are actively exploiting the vulnerability in Control Web Panel (CWP).

The exploitation attempts began on January 6, 2023, after a proof-of-concept (PoC) exploit code was published online.

Known Exploited Vulnerabilities Catalog Control Web Panel

“login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter.” reads the  for this vulnerability.

Researchers from Grey Noise and ShadowServer confirmed that threat actors are actively exploiting the flaw.

According to , FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Experts recommend also private organizations review the  and address the vulnerabilities in their infrastructure.

CISA orders federal agencies to fix these vulnerabilities by February 7, 2023.

Follow me on Twitter: and and Mastodon

[adrotate banner=”9″][adrotate banner=”12″]

(SecurityAffairs – hacking, CISA)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment