A severe vulnerability remote code execution (RCE) has been found in CentOS Web Panel also known as Control Web Panel used by many organizations has been discovered and is currently being actively exploited.
The new RCE vulnerability is tracked as CVE-2022-44877 and rated a 9.8 out of 10 in terms of severity, could allow an attacker to gain unauthorized access to the control panel before 0.9.8.1147 version and allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter.
The control web panel is widely used by businesses and organizations to for web hosting providers and system admins.. The vulnerability, which was discovered by by Numan Türle of Gais Cyber Security.
Organizations that use the affected version of the software are urged to update to a patched version immediately to protect against the vulnerability. In addition, they should monitor their systems for any suspicious activity and take appropriate action if any is detected.
+ There are no comments
Add yours