CVE-2022-44877 - CWP Control Web Panel OS Command Injection Vulnerability

项目:CWP

产品:Control Web Panel

添加日期:2023-01-17到期日:2023-02-07最后更新:June 21, 2025

漏洞名称

CWP Control Web Panel OS Command Injection Vulnerability

描述

CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter.

已知用于勒索软件活动吗?

Unknown

采集行动

Apply updates per vendor instructions.

其他说明

https://control-webpanel.com/changelog#1669855527714-450fb335-6194

https://nvd.nist.gov/vuln/detail/CVE-2022-44877

相关新闻文章

CRYSTALRAY hacker expands to 1,500 breached systems using SSH-Snake toolJuly 11, 2024

相关 CWE