CVE-2022-44877 — Actively Exploited: Control Web Panel (CWP)
CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter.
| CVE ID | CVE-2022-44877 |
|---|---|
| Vendor | CWP |
| Product | Control Web Panel |
| Vulnerability name | CWP Control Web Panel OS Command Injection Vulnerability |
| Date added | 2023-01-17 |
| Remediation due | 2023-02-07 |
| Known ransomware use | Unknown |
| Required action | Apply updates per vendor instructions. |
| Description | CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →