Home > Cyber News > CVE-2021-45467 and CVE-2021-45466 CWP Flaws Expose Linux Servers
CYBER NEWS

CVE-2021-45467 and CVE-2021-45466 CWP Flaws Expose Linux Servers

by   |  Last Update:  |  0 Comments  

CVE-2021-45467-and-CVE-2021-45466-sensorstechforum
Two vulnerabilities were discovered in Control Web Panel (CWP) – a widely-used web hosting management platform utilized by more than 200,000 servers. The flaws could allow code execution as root on Linux servers, and were discovered by Octagon Network researcher Paulos Yibelo.

CVE-2021-45467 and CVE-2021-45466 CWP Vulnerabilities

The flaws were given the following identifiers: CVE-2021-45467 (a file inclusion bug) and CVE-2021-45466 (a file write issue). It should be noted that the vulnerabilities could be used for remote code execution attacks, when used (chained) together.




More about CWP and the Attacks

CWP is previously known as CentOS Web Panel, and is an open-source Linux control panel software designed for creating and managing web host environments. CWP supports several operating systems, including CentOS, Rocky Linux, Alma Linux, and Oracle Linux.

Both vulnerabilities were located in parts of the CWP panel which are exposed and without authentication in the webroot.

After hosting CWP on a local environment it quickly became evident that most features require administrative or user accounts to perform. Since we are interested only in vulnerabilities that can be exploited without user authentication or interaction, we will avoid all the restricted sections and focus our research on parts of the panel that are exposed without authentication in the webroot. Turns out, not a lot is exposed, the report explained.

To exploit the flaws and inject malicious code from a remote resource in an RCE attack scenario, the threat actor only needs to alter the include statement, used to insert the content of one PHP file into another PHP file prior to the server executing it. The researchers will release a full PoC for red teams that achieves preauth RCE, once enough servers migrate to the latest version.
Full technical disclosure is available in the original report.

Related Story: Windows Subsystem for Linux Presents a New Attack Surface

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. The Best Linux Server Distributions in 2017 Gnu/Linux is one of the leading server operating systems due...
  2. Top 15 Linux Security Questions You Didn’t Know You Had Beginner Linux administrators and users should know that even though...
  3. Adobe Patches 112 Vulnerabilities in Latest Patch Package (CVE-2018-5007) Adobe has released the latest patch package that addresses a...
  4. Top Security and Privacy Linux Distributions in 2019 There are many specialist Linux distributions that are designed with...
  5. The 10 Best Methods on How to Improve Linux Security This blog post is created in order to help you...
  6. The Most Exploited Vulnerabilities in 2021 Include CVE-2021-44228, CVE-2021-26084 Which were the most routinely exploited security vulnerabilities in 2021?...
  7. Linux Threat Landscape 2021: Most Prevalent Malware and Vulnerabilities What are the threats endangering Linux systems? Security researchers from...
  8. CVE-2021-38647: OMIGOD Flaws Could Allow Attackers to Target Azure Cloud Customers Four security vulnerabilities, recently addressed in Microsoft Windows Patch Tuesday...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree