[Nulled] » Information security » Critical CVE-2022-44877 with a severity rating of 9.8 out of 10
January 16 2023

Critical CVE-2022-44877 with a severity rating of 9.8 out of 10

web3 16-01-2023, 13:02 Information security 204

Critical CVE-2022-44877 with a severity rating of 9.8 out of 10, recently fixed in the Control Web Panel (formerly known as CentOS Web Panel), allowing an attacker to remotely execute code without authentication, is actively exploited in the wild.

The Web Control Panel, formerly known as the CentOS Web Panel, is a popular server administration tool for enterprise Linux systems.

The bug affects all software versions up to 0.9.8.1147 and was fixed by its maintainers on October 25, 2022 and allows remote attackers to execute arbitrary OS commands using shell metacharacters in the login parameter.

Having reported the problem in October last year, researcher Numan Turle from Gais Cyber Security published an experimental exploit (PoC) and a demo video on January 3, and three days later, researchers from the Shadowserver Foundation and GreyNoise noticed that hackers had begun to exploit the vulnerability.

Shadowserver stated that "exploitation is trivial."

According to them, attackers find vulnerable hosts and use CVE-2022-44877 to create a terminal for interacting with the machine. Other attacks were aimed at identifying vulnerable machines.

GreyNoise stated that they found four unique IP addresses trying to use CVE-2022-44877, two of which are in the United States and one each in the Netherlands and Thailand.

At the same time, all attempts at exploitation are based on the original publicly available PoC, which has been slightly modified to solve the attacker's tasks.

Due to the active exploitation in the wild, users and administrators are advised to take immediate action and update the CWP to the latest available version, currently 0.9.8.1148, released on December 1, 2022.

Information

Visitors who are in the group Guests they can't download files.
Log in to the site under your login and password or if you are a new user go through the process registrations on the website.

Comments:

This publication has no comments yet. You can be the first!

Information the publication:

  • Author of the publication: web3
  • Date of publication: 16 January 2023 13:02
  • Publication category(s): Information security
  • Number of views of the publication: 204
  • Number of comments to the publication: 0

Related News

16 January 2023
Information security
Most Cacti installations

Most Cacti installations on the Internet are not fixed and are vulnerable to a critical RCE error, which is

Read more
16 January 2023
Information security
The first January ICS

The first January ICS fixes came up with a dozen security recommendations from Siemens and Schneider Electric,

Read more
16 January 2023
Information security
The Taiwanese NAS

The Taiwanese NAS manufacturer Synology has eliminated the vulnerability of the maximum (10/10) severity in VPN

Read more
16 January 2023
Information security
Experts warn of a

Experts warn of a critical vulnerability of the Linux kernel of 10 points on the CVSS scale, which affects SMB

Read more
16 January 2023
Information security
Auth0 fixed an RCE

Auth0 fixed an RCE vulnerability in the popular open source library JsonWebToken, which was used in more than

Read more

Information

Users of 🆅🅸🆂🅸🆃🅾🆁 are not allowed to comment this publication.

Site Search

Site Menu


☑ Websites Scripts

Calendar

«    November 2024    »
MonTueWedThuFriSatSun
 123
45678910
11121314151617
18192021222324
252627282930 

Advertisement

Survey on the website

Evaluate the work of the site
 

Statistics

  • +12 Total articles 6747
  • +12 Comments 4077
  • +29 Users : 5854