Home > Cyber News > CVE-2021-45467 and CVE-2021-45466 CWP Flaws Expose Linux Servers
CYBER NEWS

CVE-2021-45467 and CVE-2021-45466 CWP Flaws Expose Linux Servers

CVE-2021-45467-and-CVE-2021-45466-sensorstechforum
Two vulnerabilities were discovered in Control Web Panel (CWP) – a widely-used web hosting management platform utilized by more than 200,000 servers. The flaws could allow code execution as root on Linux servers, and were discovered by Octagon Network researcher Paulos Yibelo.

CVE-2021-45467 and CVE-2021-45466 CWP Vulnerabilities

The flaws were given the following identifiers: CVE-2021-45467 (a file inclusion bug) and CVE-2021-45466 (a file write issue). It should be noted that the vulnerabilities could be used for remote code execution attacks, when used (chained) together.




More about CWP and the Attacks

CWP is previously known as CentOS Web Panel, and is an open-source Linux control panel software designed for creating and managing web host environments. CWP supports several operating systems, including CentOS, Rocky Linux, Alma Linux, and Oracle Linux.

Both vulnerabilities were located in parts of the CWP panel which are exposed and without authentication in the webroot.

After hosting CWP on a local environment it quickly became evident that most features require administrative or user accounts to perform. Since we are interested only in vulnerabilities that can be exploited without user authentication or interaction, we will avoid all the restricted sections and focus our research on parts of the panel that are exposed without authentication in the webroot. Turns out, not a lot is exposed, the report explained.

To exploit the flaws and inject malicious code from a remote resource in an RCE attack scenario, the threat actor only needs to alter the include statement, used to insert the content of one PHP file into another PHP file prior to the server executing it. The researchers will release a full PoC for red teams that achieves preauth RCE, once enough servers migrate to the latest version.
Full technical disclosure is available in the original report.

Related Story: Windows Subsystem for Linux Presents a New Attack Surface

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...