Critical Bugs in Control Web Panel Expose Linux Servers to RCE Attacks

Advisories

Discover Security Vulnerabilities News

Critical Bugs in Control Web Panel Expose Linux Servers to RCE Attacks

2.Motherboard

Researchers have disclosed details of two critical security vulnerabilities (CVE-2021-45467) in Control Web Panel, an open-source Linux control panel software used for deploying web hosting environments, that could be abused as part of an exploit chain to achieve pre-authenticated remote code execution (RCE) on affected servers.

Tracked as CVE-2021-45467, the issue concerns a case of a file inclusion vulnerability, which occurs when a web application is tricked into exposing or running arbitrary files on the web server.

Control Web Panel, previously CentOS Web Panel, is an open-source Linux control panel software used for deploying web hosting environments.

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.