BSI: Critical vulnerability in Control Web Panel
The well-known and widely used Web Hosting Control Web Panel (CWP) has a critical security vulnerability from 9.8 to CVSSv3.1. Attackers can install shells on the server or collect and extract information. On January 3, 2023, IT security researcher Numan Türle from Gais Cyber Security published a proof of concept for a vulnerability in the server management software Control Web Panel (CWP) - formerly CentOS Web Panel. The vulnerability allows a remote, unauthenticated attacker to execute code on the affected system based on a lack of input neutralization. The information was released...