Remote Code Execution Vulnerability in Control Web Panel by CWP
CVE-2025-48703

9 CRITICAL

Key Information:

Vendor
CVE Published: 19 September 2025

Badges

💰 Ransomware | 👾 Exploit Exists | 🟣 EPSS 68% | 🦅 CISA Reported | 📰 News Worthy

What is CVE-2025-48703?

A vulnerability exists in Control Web Panel (CWP) that allows unauthenticated remote code execution. This issue arises when shell metacharacters are used in the t_total parameter during a file manager changePerm request. An attacker must possess knowledge of a valid non-root username to exploit this vulnerability effectively. If successfully exploited, it may lead to unauthorized command execution on the server, posing a significant security risk to the affected systems.

CISA has reported CVE-2025-48703

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified CVE-2025-48703 as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change at pace, as recent news articles suggest the vulnerability is being used by ransomware groups.

CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

CentOS Web Panel 0 < 0.9.8.1205

News Articles

Week in review: Cisco fixes critical UCCX flaws, November 2025 Patch Tuesday forecast - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Securing real-time payments without slowing them down In

3 weeks ago

Critical Control Web Panel vulnerability is actively exploited (CVE-2025-48703) - Help Net Security

CISA adds a Control Web Panel vulnerability (CVE-2025-48703) leading to unauthenticated RCE to its Known Exploited Vulnerabilities catalog.

3 weeks ago

U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog.

3 weeks ago

EPSS Score

68% chance of being exploited in the next 30 days.

CVSS V3.1

Score: 9
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • 💰 Used in Ransomware
  • 👾 Exploit known to exist
  • 🦅 CISA Reported
  • Vulnerability published
  • 📰 First article discovered by GBHackers News
  • Vulnerability Reserved
