Bleeping Computer

CWP bugs allow code execution as root on Linux servers, patch now

Two security vulnerabilities that impact the Control Web Panel (CWP) software can be chained by unauthenticated attackers to gain remote code execution (RCE) as root on vulnerable Linux servers. CWP, ...
HotHardware

Control Web Panel Security Exploit Leaves 200K Linux Servers Vulnerable To Remote Hacks

If you're not a Linux sysadmin, you might not be familiar with Control Web Panel, but if you are a Linux sysadmin, you almost certainly are at least aware of the app. Control Web Panel, or CWP, is a ...
Bleeping Computer

Latest Control Web Panel news

Hackers are actively exploiting a critical vulnerability patched recently in Control Web Panel (CWP), a tool for managing servers formerly known as CentOS Web Panel. Two security vulnerabilities that ...
InfoQ

Critical Control Web Panel Vulnerability Still Under Exploit Months After Patch Available

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Traditional caching fails to stop "thundering ...
Threat Post

Linux Servers at Risk of RCE Due to Critical CWP Bugs

The two flaws in Control Web Panel – a popular web hosting management software used by 200K+ servers – allow code execution as root on Linux servers. Researchers have discovered two critical bugs in ...
Ars Technica

Vulnerability with 9.8 severity in Control Web Panel is under active exploit

Malicious hackers have begun exploiting a critical vulnerability in unpatched versions of the Control Web Panel, a widely used interface for web hosting. “This is an unauthenticated RCE,” members of ...