Control web panel 7 (cwp7) v0.9.8.1147 remote code execution (rce) Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2023-04-05 |
Type : webapps |
Platform : php
This exploit / vulnerability Control web panel 7 (cwp7) v0.9.8.1147 remote code execution (rce) is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
// Exploit Title: Control Web Panel 7 (CWP7) v0.9.8.1147 - Remote Code Execution (RCE)
// Date: 2023-02-02
// Exploit Author: Mayank Deshmukh
// Vendor Homepage: https://centos-webpanel.com/
// Affected Versions: version < 0.9.8.1147
// Tested on: Kali Linux
// CVE : CVE-2022-44877
// Github POC: https://github.com/ColdFusionX/CVE-2022-44877-CWP7
// Exploit Usage : go run exploit.go -u https://127.0.0.1:2030 -i 127.0.0.1:8020