{"cve_id":"CVE-2022-44877","summary":"login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"epss":0.94457,"ranking_epss":0.99993,"kev":true,"propose_action":"CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter.","ransomware_campaign":"Unknown","references":["http://packetstormsecurity.com/files/170388/Control-Web-Panel-7-Remote-Code-Execution.html","http://packetstormsecurity.com/files/170820/Control-Web-Panel-Unauthenticated-Remote-Command-Execution.html","http://packetstormsecurity.com/files/171725/Control-Web-Panel-7-CWP7-0.9.8.1147-Remote-Code-Execution.html","http://seclists.org/fulldisclosure/2023/Jan/1","https://gist.github.com/numanturle/c1e82c47f4cba24cff214e904c227386","https://www.youtube.com/watch?v=kiLfSvc1SYY","http://packetstormsecurity.com/files/170388/Control-Web-Panel-7-Remote-Code-Execution.html","http://packetstormsecurity.com/files/170820/Control-Web-Panel-Unauthenticated-Remote-Command-Execution.html","http://packetstormsecurity.com/files/171725/Control-Web-Panel-7-CWP7-0.9.8.1147-Remote-Code-Execution.html","http://seclists.org/fulldisclosure/2023/Jan/1","https://gist.github.com/numanturle/c1e82c47f4cba24cff214e904c227386","https://www.youtube.com/watch?v=kiLfSvc1SYY","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-44877"],"published_time":"2023-01-05T23:15:09","cpes":["cpe:2.3:a:control-webpanel:webpanel:-","cpe:2.3:a:control-webpanel:webpanel:0.1","cpe:2.3:a:control-webpanel:webpanel:0.2","cpe:2.3:a:control-webpanel:webpanel:0.3","cpe:2.3:a:control-webpanel:webpanel:0.4","cpe:2.3:a:control-webpanel:webpanel:0.5","cpe:2.3:a:control-webpanel:webpanel:0.6","cpe:2.3:a:control-webpanel:webpanel:0.7","cpe:2.3:a:control-webpanel:webpanel:0.8","cpe:2.3:a:control-webpanel:webpanel:0.9","cpe:2.3:a:control-webpanel:webpanel:0.9.1","cpe:2.3:a:control-webpanel:webpanel:0.9.2","cpe:2.3:a:control-webpanel:webpanel:0.9.3","cpe:2.3:a:control-webpanel:webpanel:0.9.4","cpe:2.3:a:control-webpanel:webpanel:0.9.5","cpe:2.3:a:control-webpanel:webpanel:0.9.6","cpe:2.3:a:control-webpanel:webpanel:0.9.7","cpe:2.3:a:control-webpanel:webpanel:0.9.8","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1","cpe:2.3:a:control-webpanel:webpanel:0.9.8.10","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1051","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1053","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1054","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1055","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1057","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1058","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1059","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1060","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1061","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1062","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1063","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1064","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1065","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1066","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1067","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1068","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1069","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1070","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1071","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1072","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1073","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1075","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1078","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1079","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1081","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1082","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1083","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1084","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1085","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1087","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1088","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1089","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1091","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1094","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1096","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1097","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1098","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1099","cpe:2.3:a:control-webpanel:webpanel:0.9.8.11","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1100","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1101","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1103","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1104","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1107","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1108","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1113","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1117","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1118","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1119","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1120","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1122","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1124","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1126","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1127","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1128","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1129","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1130","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1131","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1132","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1133","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1135","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1136","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1137","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1138","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1139","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1140","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1141","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1142","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1143","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1144","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1145","cpe:2.3:a:control-webpanel:webpanel:0.9.8.1146","cpe:2.3:a:control-webpanel:webpanel:0.9.8.12","cpe:2.3:a:control-webpanel:webpanel:0.9.8.127","cpe:2.3:a:control-webpanel:webpanel:0.9.8.13","cpe:2.3:a:control-webpanel:webpanel:0.9.8.14","cpe:2.3:a:control-webpanel:webpanel:0.9.8.150","cpe:2.3:a:control-webpanel:webpanel:0.9.8.151","cpe:2.3:a:control-webpanel:webpanel:0.9.8.152","cpe:2.3:a:control-webpanel:webpanel:0.9.8.17","cpe:2.3:a:control-webpanel:webpanel:0.9.8.183","cpe:2.3:a:control-webpanel:webpanel:0.9.8.184","cpe:2.3:a:control-webpanel:webpanel:0.9.8.196","cpe:2.3:a:control-webpanel:webpanel:0.9.8.197","cpe:2.3:a:control-webpanel:webpanel:0.9.8.2","cpe:2.3:a:control-webpanel:webpanel:0.9.8.20","cpe:2.3:a:control-webpanel:webpanel:0.9.8.226","cpe:2.3:a:control-webpanel:webpanel:0.9.8.237","cpe:2.3:a:control-webpanel:webpanel:0.9.8.238","cpe:2.3:a:control-webpanel:webpanel:0.9.8.239","cpe:2.3:a:control-webpanel:webpanel:0.9.8.240","cpe:2.3:a:control-webpanel:webpanel:0.9.8.247","cpe:2.3:a:control-webpanel:webpanel:0.9.8.248","cpe:2.3:a:control-webpanel:webpanel:0.9.8.249","cpe:2.3:a:control-webpanel:webpanel:0.9.8.250","cpe:2.3:a:control-webpanel:webpanel:0.9.8.265","cpe:2.3:a:control-webpanel:webpanel:0.9.8.266","cpe:2.3:a:control-webpanel:webpanel:0.9.8.273","cpe:2.3:a:control-webpanel:webpanel:0.9.8.277","cpe:2.3:a:control-webpanel:webpanel:0.9.8.290","cpe:2.3:a:control-webpanel:webpanel:0.9.8.291","cpe:2.3:a:control-webpanel:webpanel:0.9.8.3","cpe:2.3:a:control-webpanel:webpanel:0.9.8.314","cpe:2.3:a:control-webpanel:webpanel:0.9.8.315","cpe:2.3:a:control-webpanel:webpanel:0.9.8.333","cpe:2.3:a:control-webpanel:webpanel:0.9.8.334","cpe:2.3:a:control-webpanel:webpanel:0.9.8.359","cpe:2.3:a:control-webpanel:webpanel:0.9.8.4","cpe:2.3:a:control-webpanel:webpanel:0.9.8.448","cpe:2.3:a:control-webpanel:webpanel:0.9.8.48","cpe:2.3:a:control-webpanel:webpanel:0.9.8.480","cpe:2.3:a:control-webpanel:webpanel:0.9.8.5","cpe:2.3:a:control-webpanel:webpanel:0.9.8.6","cpe:2.3:a:control-webpanel:webpanel:0.9.8.651","cpe:2.3:a:control-webpanel:webpanel:0.9.8.7","cpe:2.3:a:control-webpanel:webpanel:0.9.8.740","cpe:2.3:a:control-webpanel:webpanel:0.9.8.747","cpe:2.3:a:control-webpanel:webpanel:0.9.8.748","cpe:2.3:a:control-webpanel:webpanel:0.9.8.753","cpe:2.3:a:control-webpanel:webpanel:0.9.8.763","cpe:2.3:a:control-webpanel:webpanel:0.9.8.789","cpe:2.3:a:control-webpanel:webpanel:0.9.8.793","cpe:2.3:a:control-webpanel:webpanel:0.9.8.8","cpe:2.3:a:control-webpanel:webpanel:0.9.8.807","cpe:2.3:a:control-webpanel:webpanel:0.9.8.836","cpe:2.3:a:control-webpanel:webpanel:0.9.8.837","cpe:2.3:a:control-webpanel:webpanel:0.9.8.840","cpe:2.3:a:control-webpanel:webpanel:0.9.8.846","cpe:2.3:a:control-webpanel:webpanel:0.9.8.848","cpe:2.3:a:control-webpanel:webpanel:0.9.8.851","cpe:2.3:a:control-webpanel:webpanel:0.9.8.855","cpe:2.3:a:control-webpanel:webpanel:0.9.8.856","cpe:2.3:a:control-webpanel:webpanel:0.9.8.864","cpe:2.3:a:control-webpanel:webpanel:0.9.8.891","cpe:2.3:a:control-webpanel:webpanel:0.9.8.9","cpe:2.3:a:control-webpanel:webpanel:0.9.8.923","cpe:2.3:a:control-webpanel:webpanel:0.9.8.956","cpe:2.3:a:control-webpanel:webpanel:0.9.8.957","cpe:2.3:a:control-webpanel:webpanel:0.9.8.994"]}