cve-2022-44877
Vulnerability from cvelistv5
Published
2023-01-05 00:00
Modified
2024-08-03 14:01
Severity ?
EPSS score ?
Summary
login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter.
References
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2023-01-17
Due date: 2023-02-07
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
Notes: https://control-webpanel.com/changelog#1669855527714-450fb335-6194; https://nvd.nist.gov/vuln/detail/CVE-2022-44877
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:01:31.364Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.youtube.com/watch?v=kiLfSvc1SYY" }, { "tags": [ "x_transferred" ], "url": "https://gist.github.com/numanturle/c1e82c47f4cba24cff214e904c227386" }, { "name": "20230106 Centos Web Panel 7 Unauthenticated Remote Code Execution - CVE-2022-44877", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/1" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/170388/Control-Web-Panel-7-Remote-Code-Execution.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/170820/Control-Web-Panel-Unauthenticated-Remote-Command-Execution.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/171725/Control-Web-Panel-7-CWP7-0.9.8.1147-Remote-Code-Execution.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-06T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://www.youtube.com/watch?v=kiLfSvc1SYY" }, { "url": "https://gist.github.com/numanturle/c1e82c47f4cba24cff214e904c227386" }, { "name": "20230106 Centos Web Panel 7 Unauthenticated Remote Code Execution - CVE-2022-44877", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/1" }, { "url": "http://packetstormsecurity.com/files/170388/Control-Web-Panel-7-Remote-Code-Execution.html" }, { "url": "http://packetstormsecurity.com/files/170820/Control-Web-Panel-Unauthenticated-Remote-Command-Execution.html" }, { "url": "http://packetstormsecurity.com/files/171725/Control-Web-Panel-7-CWP7-0.9.8.1147-Remote-Code-Execution.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-44877", "datePublished": "2023-01-05T00:00:00", "dateReserved": "2022-11-07T00:00:00", "dateUpdated": "2024-08-03T14:01:31.364Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "cisa_known_exploited": { "cveID": "CVE-2022-44877", "cwes": "[\"CWE-78\"]", "dateAdded": "2023-01-17", "dueDate": "2023-02-07", "knownRansomwareCampaignUse": "Unknown", "notes": "https://control-webpanel.com/changelog#1669855527714-450fb335-6194; https://nvd.nist.gov/vuln/detail/CVE-2022-44877", "product": "Control Web Panel", "requiredAction": "Apply updates per vendor instructions.", "shortDescription": "CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter.", "vendorProject": "CWP", "vulnerabilityName": "CWP Control Web Panel OS Command Injection Vulnerability" }, "nvd": "{\"cve\":{\"id\":\"CVE-2022-44877\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-01-05T23:15:09.150\",\"lastModified\":\"2024-11-21T07:28:31.257\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter.\"},{\"lang\":\"es\",\"value\":\"login/index.php en CWP (tambi\u00e9n conocido como Control Web Panel o CentOS Web Panel) 7 anterior a 0.9.8.1147 permite a atacantes remotos ejecutar comandos del sistema operativo de su elecci\u00f3n a trav\u00e9s de metacaracteres de shell en el par\u00e1metro de inicio de sesi\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2023-01-17\",\"cisaActionDue\":\"2023-02-07\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"CWP Control Web Panel OS Command Injection Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:control-webpanel:webpanel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.9.8.1147\",\"matchCriteriaId\":\"B7F98475-0501-4B4F-9545-2F192652A25F\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/170388/Control-Web-Panel-7-Remote-Code-Execution.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/170820/Control-Web-Panel-Unauthenticated-Remote-Command-Execution.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/171725/Control-Web-Panel-7-CWP7-0.9.8.1147-Remote-Code-Execution.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2023/Jan/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://gist.github.com/numanturle/c1e82c47f4cba24cff214e904c227386\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.youtube.com/watch?v=kiLfSvc1SYY\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/170388/Control-Web-Panel-7-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/170820/Control-Web-Panel-Unauthenticated-Remote-Command-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/171725/Control-Web-Panel-7-CWP7-0.9.8.1147-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2023/Jan/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://gist.github.com/numanturle/c1e82c47f4cba24cff214e904c227386\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.youtube.com/watch?v=kiLfSvc1SYY\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.