CWP (Control Web Panel) < 0.9.8.1205 - Remote Code Execution (CVE-2025-48703)
Description
CWP (Control Web Panel) versions prior to 0.9.8.1205 contain a critical remote code execution vulnerability (CVE-2025-48703). Shell metacharacters in the t_total parameter of the filemanager changePerm request are not properly sanitized, allowing unauthenticated attackers to execute arbitrary OS commands on the server. Exploitation requires knowledge of a valid non-root username on the system.
Remediation
Immediately upgrade CWP (Control Web Panel) to version 0.9.8.1205 or later.
If immediate patching is not possible, apply the following temporary mitigations:
1. Restrict access to the CWP web interface using firewall rules to allow only trusted IP addresses.
2. Monitor server logs for unexpected outbound connections or unusual process execution from the CWP process.
After patching, review system logs for indicators of compromise and rotate all credentials.