CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Feb 7, 2023
High
CISA KEVCVE-2022-44877
CWP—Control Web Panel
CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter.
Required Action
https://control-webpanel.com/changelog#1669855527714-450fb335-6194; https://nvd.nist.gov/vuln/detail/CVE-2022-44877
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- Jan 17, 2023
- KEV Added
- Jan 17, 2023
- Due Date
- Feb 7, 2023
- Related Articles
- 0
Vendor
CWP
Control Web Panel