CVE-2025-48703
⚠ KEVEPSS 67.4%CWP Control Web Panel OS Command Injection Vulnerability
加入 CISA KEV 日:2025/11/4
描述
CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command Injection vulnerability that allows unauthenticated remote code execution via shell metacharacters in the t_total parameter in a filemanager changePerm request. A valid non-root username must be known.
受影響套件(0)
OSV 沒有提供套件對應。