CVE-2022-44877
- Reference to the description:
- Description:
- login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter.
- Last updated date:
- 04/06/2023
Reports
ACTIVELY EXPLOITED
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 01/12/2023
- Reference url to background
https://thehackernews.com/2023/01/alert-hackers-actively-exploiting.html
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 01/17/2023
- Reference url to background
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/05/2023
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/06/2023
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/11/2023
- Reference url to background
http://packetstormsecurity.com/files/170388/Control-Web-Panel-7-Remote-Code-Execution.html
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/11/2023
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/11/2023
- Reference url to background
https://gist.github.com/numanturle/c1e82c47f4cba24cff214e904c227386
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/11/2023
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/25/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/15/2023
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/22/2023
- Reference url to background