CVE-2022-44877

CWP Control Web Panel OS Command Injection Vulnerability

CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter. Vendor/Product: CWP Control Web Panel. Added to CISA KEV 2023-01-17; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2022-44877