Immediately patch CWP vulnerability that allows code execution as root on Linux servers
CWP, formerly known as CentOS Web Panel, is a free Linux control panel for managing dedicated web hosting servers and virtual private servers. The two vulnerabilities were discovered by Octagon Networks researcher Paulos Yibelo. They are tracked under the codes CVE-2021-45467 (file inclusion vulnerability) and CVE-2021-45466 (file write vulnerability) and can be chained to an RCE attack.
In short, when successfully exploiting these two vulnerabilities, hackers can bypass protections to gain access to restricted APIs without authentication.
This can be done by registering an API key via the include file vulnerability and creating a malicious authorized_keys file on the server using the file write vulnerability.
Although the vulnerability includes a patched file CVE-2021-45467, Octagon Network says it has found a way to bypass the patch and continue to exploit some of the servers. Security researchers at Octagon Network claim that when a sufficient number of Linux servers running CWP are patched, they will make their exploits (POCs) public.
According to the developers of CWP, their software supports the following operating systems: CentOS, Rocky Linux, Alma Linux and Oracle Linux.
While the CWP homepage claims that there are about 30,000 servers running CWP, news site BleepingComputer reports that nearly 80,000 servers running CWP are exposed to the Internet on BinaryEdge. More than 200,000 other CWP servers can be found on Shodan and Censys.
You should read it
- Detecting a new Linux vulnerability allows hackers to gain control of the VPN connection
- New privilege escalation vulnerability called 'Dirty Pipe' is threatening all Linux distros
- 12-year vulnerability in pkexec gives hackers root privileges on Linux
- How to install and use a vulnerability scanner in Linux
- The 5 best Linux server distributions
- 7 Enterprise Linux Server Distributions
- 12 best Linux server operating systems
- How to set up your own Git server on Linux
- How to manage remote Linux server using SSH
- New points in SQL Server 2017
- How to access Linux server from Android
- Microsoft fixes a serious vulnerability that has existed for 17 years in Windows Server
Maybe you are interested
Serious vulnerability in OpenSSH threatens millions of servers
After being fired, the former employee deleted 180 of the old company's servers
Microsoft has finalized the end of support for Office 2016 and 2019 applications and servers
Google reveals its new Axion CPU line, specifically customized for cloud and data servers
Top best antivirus software for servers
6 best DNS servers to improve online safety