WARNING: CRITICAL RCE VULNERABILITY IN CONTROL WEB PANEL (CWP) 7 ACTIVELY EXPLOITED

Reference:
Advisory #2023-07

Version:
1.0

Affected software:
Control Web Panel 7 before version 0.9.8.1147

Type:
Remote code execution (RCE)

CVE/CVSS:
CVE-2022-44877 CVSS 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Sources

https://nvd.nist.gov/vuln/detail/CVE-2022-44877

Risks

Control Web Panel (CWP), formerly known as CentOS Web Panel, is a control panel for servers and Virtual Private Servers (VPS) that enables their day-to-day management.

Successful exploitation of CVE-2022-44877 has a HIGH impact on Confidentiality, Integrity, and Availability. 

Additionally, exploit proof-of-concept is publicly available and attackers are actively exploiting this flaw.

Description

CVE-2022-44877 allows an attacker to execute code remotely without authentication at the same privilege level the CentOS Web Panel is installed. It was observed that in many cases the default privilege to host the installation was “root”.

Remote attackers can execute arbitrary OS commands via shell metacharacters in the login parameter using a specially crafted HTTP request.

Attackers are currently exploiting CVE-2022-44877 to launch a reverse shell. The encoded payloads are translated into Python commands and leverage the Python pty Module to call the attacker’s system and spawn a terminal on the vulnerable host.

Recommended Actions

The Centre for Cyber Security Belgium strongly recommends Windows system administrators to take the following actions: update to Control Web Panel (CWP) 7 v0.9.8.1148.

for more information: https://control-webpanel.com/changelog#1653233365160-9848a986-1929

References

https://cloudsek.com/threatintelligence/poc-for-high-impact-rce-vulnerability-in-centos-web-panel-7-cve-2022-44877-increases-risk-of-attacks/
https://www.bleepingcomputer.com/news/security/hackers-exploit-control-web-panel-flaw-to-open-reverse-shells/
https://www.securityweek.com/exploitation-control-web-panel-vulnerability-starts-after-poc-publication