Discover Security Vulnerabilities News
Critical Bugs in Control Web Panel Expose Linux Servers to RCE Attacks
Researchers have disclosed details of two critical security vulnerabilities (CVE-2021-45467) in Control Web Panel, an open-source Linux control panel software used for deploying web hosting environments, that could be abused as part of an exploit chain to achieve pre-authenticated remote code execution (RCE) on affected servers.
Tracked as CVE-2021-45467, the issue concerns a case of a file inclusion vulnerability, which occurs when a web application is tricked into exposing or running arbitrary files on the web server.
Control Web Panel, previously CentOS Web Panel, is an open-source Linux control panel software used for deploying web hosting environments.