CVE-2022-44877
CWP Control Web Panel OS Command Injection Vulnerability
CVSS
—
Sin CVSS
EPSS
100.0%
p100
KEV
SÍ
17 ene 2023
Exploit Today
80
0-100
Publicado: — · Última mod.: —
100.0%EPSS · 30 días100.0%
2026-06-302026-07-16
Producto
CWP / Control Web Panel
Vulnerabilidad
CWP Control Web Panel OS Command Injection Vulnerability
Añadido a KEV
17 ene 2023
Remediar antes de
7 feb 2023
Uso conocido en ransomware
No
Descripción resumida
CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter.
Acción requerida
Apply updates per vendor instructions.
Notas
https://control-webpanel.com/changelog#1669855527714-450fb335-6194; https://nvd.nist.gov/vuln/detail/CVE-2022-44877
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2025-48703—99.9%
KEV—80CWP Control Web Panel OS Command Injection Vulnerability—