• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
alert: hackers actively exploiting critical "control web panel" rce vulnerability

Alert: Hackers Actively Exploiting Critical “Control Web Panel” RCE Vulnerability

You are here: Home / General Cyber Security News / Alert: Hackers Actively Exploiting Critical “Control Web Panel” RCE Vulnerability
January 12, 2023

Destructive actors are actively trying to exploit a a short while ago patched critical vulnerability in Management Web Panel (CWP) that permits elevated privileges and unauthenticated distant code execution (RCE) on susceptible servers.

Tracked as CVE-2022-44877 (CVSS score: 9.8), the bug impacts all versions of the software program prior to .9.8.1147 and was patched by its maintainers on Oct 25, 2022.

Regulate Web Panel, previously known as CentOS Web Panel, is a preferred server administration device for company-centered Linux methods.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


“login/index.php in CWP (aka Manage Web Panel or CentOS Web Panel) 7 in advance of .9.8.1147 will allow distant attackers to execute arbitrary OS instructions by means of shell metacharacters in the login parameter,” according to NIST.

Gais Security researcher Numan Turle has been credited with getting and reporting the flaw to the Management Web Panel.

Exploitation of the flaw is claimed to have commenced on January 6, 2023, following the availability of a evidence-of-principle (PoC), the Shadowserver Foundation and GreyNoise disclosed.

“This is an unauthenticated RCE,” Shadowserver stated in a sequence of tweets, adding, “exploitation is trivial.”

GreyNoise said that it has observed 4 one of a kind IP addresses making an attempt to exploit CVE-2022-44877 to day, two of which are positioned in the U.S. and just one each from the Netherlands and Thailand.

In gentle of lively exploitation in the wild, consumers reliant on the software package are encouraged to use the patches to mitigate likely threats.

This is not the initial time related flaws have been identified in CWP. In January 2022, two critical issues have been discovered in the hosting panel that could have been weaponized to achieve pre-authenticated distant code execution.

Found this article fascinating? Follow us on Twitter  and LinkedIn to study more special content we write-up.


Some pieces of this article are sourced from:
thehackernews.com

Previous Post: «Cyber Security News New APT Dark Pink Hits Asia-Pacific, Europe With Spear Phishing Tactics
Next Post: Twitter Denies Hacking Claims, Assures Leaked User Data Not from its System twitter denies hacking claims, assures leaked user data not from»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Qilin Ransomware Adds “Call Lawyer” Feature to Pressure Victims for Larger Ransoms
  • Iran’s State TV Hijacked Mid-Broadcast Amid Geopolitical Tensions; $90M Stolen in Crypto Heist
  • 6 Steps to 24/7 In-House SOC Success
  • Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider
  • 67 Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
  • New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud and NFC Theft
  • BlueNoroff Deepfake Zoom Scam Hits Crypto Employee with MacOS Backdoor Malware
  • Secure Vibe Coding: The Complete New Guide
  • Uncover LOTS Attacks Hiding in Trusted Tools — Learn How in This Free Expert Session
  • Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign

Copyright © TheCyberSecurity.News, All Rights Reserved.