← ExploitWatch
HomeExploited Vulnerabilities

CVE-2022-44877 — Actively Exploited: Control Web Panel (CWP)

CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter.

CVE IDCVE-2022-44877
VendorCWP
ProductControl Web Panel
Vulnerability nameCWP Control Web Panel OS Command Injection Vulnerability
Date added2023-01-17
Remediation due2023-02-07
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionCWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →