CWP (Control Web Panel) < 0.9.8.1205 - Remote Code Execution (CVE-2025-48703)

Description

CWP (Control Web Panel) versions prior to 0.9.8.1205 contain a critical remote code execution vulnerability (CVE-2025-48703). Shell metacharacters in the t_total parameter of the filemanager changePerm request are not properly sanitized, allowing unauthenticated attackers to execute arbitrary OS commands on the server. Exploitation requires knowledge of a valid non-root username on the system.

Remediation

Immediately upgrade CWP (Control Web Panel) to version 0.9.8.1205 or later.

If immediate patching is not possible, apply the following temporary mitigations:

1. Restrict access to the CWP web interface using firewall rules to allow only trusted IP addresses.
2. Monitor server logs for unexpected outbound connections or unusual process execution from the CWP process.

After patching, review system logs for indicators of compromise and rotate all credentials.
