CVE-2022-44877: CWP Control Web Panel OS Command Injection Vulnerability.
CWP Control Web Panel OS Command Injection Vulnerability. CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter.
- CISA KEV-listed (remediation due 2023-02-07)
- EPSS 94.5% (100.0% percentile)