Lucene search
CVE-2021-45467
Unauthenticated attacker can register arbitrary API key in CWP before 0.9.8.1107 using %00 bytes in /user/loader.ph
Show more
| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
 | CVE-2021-45467 | 26 Dec 202205:15 | – | cve |
 | Code injection | 26 Dec 202205:15 | – | prion |
 | Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years | 15 May 202410:56 | – | thn |
| Critical Bugs in Control Web Panel Expose Linux Servers to RCE Attacks | 22 Jan 202204:04 | – | thn |
 | CVE-2021-45467 | 26 Dec 202200:00 | – | vulnrichment |
 | CVE-2021-45467 | 26 Dec 202200:00 | – | cvelist |
 | CWP Panel Remote Code Execution (CVE-2021-45467; CVE-2021-45466) | 27 Feb 202200:00 | – | checkpoint_advisories |
 | Linux Servers at Risk of RCE Due to Critical CWP Bugs | 24 Jan 202223:08 | – | threatpost |
| Skeletons in the Closet: Security 101 Takes a Backseat to 0-days | 22 Apr 202210:56 | – | threatpost |
Node
| Source | Link |
|---|---|
| octagon | www.octagon.net/blog/2022/01/22/cve-2021-45467-cwp-centos-web-panel-preauth-rce/ |
| control-webpanel | www.control-webpanel.com/changelog |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo26 Dec 2022 05:15Current
CVSS39.8
EPSS0.18807