Vulnerabilities

CVE-2025-48703

by Fred · 19/09/2025

CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1205 allows unauthenticated remote code execution via shell metacharacters in the t_total parameter in a filemanager changePerm request. A valid non-root username must be known.

More information : https://fenrisk.com/rce-centos-webpanel

Similar

Tags: Cybersecurity Alert