CVE-2022-44877

Published: 05/01/2023 Updated: 06/04/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 prior to 0.9.8.1147 allows remote malicious users to execute arbitrary OS commands via shell metacharacters in the login parameter.

Vulnerable Product

control-webpanel webpanel

Vendor Advisories

Check Point Reference: CPAI-2022-1130 Date Published: 18 Jan 2023 Severity: Critical ...

Exploits

Control Web Panel 7 versions prior to 0.9.8.1147 suffer from an unauthenticated remote code execution vulnerability ...
Control Web Panel versions prior to 0.9.8.1147 are vulnerable to unauthenticated OS command injection. Successful exploitation results in code execution as the root user. The results of the command are not contained within the HTTP response and the request will block while the command is running ...

Github Repositories

CVE-2022-44877 Centos Web Panel 7 Unauthenticated Remote Code Execution

Centos Web Panel 7 Unauthenticated Remote Code Execution - CVE-2022-44877. Vulnerability description: RESERVED. An issue in the /login/index.php component of Centos Web Panel 7 before v0.9.8.1147 allows unauthenticated attackers to execute arbitrary system commands via crafted HTTP requests. Version affected: Centos Web Panel 7 - < 0.9.8.1147. Vulnerability demonstration: [+] C

Control Web Panel 7 (CWP7) Remote Code Execution (RCE) (CVE-2022-44877) (Unauthenticated)

CVE-2022-44877-CWP7: Control Web Panel 7 (CWP7) Remote Code Execution (RCE) (CVE-2022-44877) (Unauthenticated). Repository will get updated with POC soon.

Bash Script for Checking Command Injection Vulnerability on CentOS Web Panel [CWP] (CVE-2022-44877)

CVE-2022-44877 Overview: This bash script is used to test the vulnerability of web servers to CVE-2022-44877. The script performs a curl request to a target URL with a payload encoded in base64. If the target is vulnerable to the CVE-2022-44877 vulnerability, the elapsed time of the curl request will be greater than 35 seconds. Installation: sudo apt-get update sudo apt-get inst

use go-exploit module
#when module mode off
go get github.com/vulncheck-oss/go-exploit
#when module mode on
go mod init example.com/myapp
go get github.com/vulncheck-oss/go-exploit
build
go build -o cve-2022-44877 main.go

Centos Web Panel 7 Unauthenticated Remote Code Execution - CVE-2022-44877
[+] Centos Web Panel 7 Unauthenticated Remote Code Execution
[+] Centos Web Panel 7 - < 0.9.8.1147
[+] Affected Component ip:2031/login/index.php?login=$(whoami)
[+] Discoverer: Numan Türle @ Gais Cyber Security
[+] Vendor: centos-webpanel.com/ - control-webpanel.com/changelog#