CVE-2025-48703
Published Sep 19, 2025
Last updated a month ago
AI description
CVE-2025-48703 is a Remote Code Execution (RCE) vulnerability found in the `filemanager` module of a web hosting control panel, such as cPanel. The vulnerability stems from improper input sanitization in the `acc=changePerm` function, which allows attackers to inject and execute arbitrary system commands using the `t_total` parameter. This vulnerability allows attackers to execute arbitrary commands on the target server. Successful exploitation could lead to establishing a reverse shell for persistent access and potentially escalating privileges or moving laterally within the system. It was reported to affect CentOS Web Panel (CWP) versions 0.9.8.1204 and 0.9.8.1188.
- Description
- CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1205 allows unauthenticated remote code execution via shell metacharacters in the t_total parameter in a filemanager changePerm request. A valid non-root username must be known.
- Source
- cve@mitre.org
- NVD status
- Analyzed
- Products
- webpanel
CVSS 3.1
- Type
- Secondary
- Base score
- 9
- Impact score
- 6
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- CWP Control Web Panel OS Command Injection Vulnerability
- Exploit added on
- Nov 4, 2025
- Exploit action due
- Nov 25, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- cve@mitre.org
- CWE-78
- Hype score
- Not currently trending
🚨 Control Web Panel Security Advisory [—] Nov 13, 2025 Comprehensive security advisory for Control Web Panel (CWP) focusing on CVE-2025-48703 and related security measures. Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1... https://t.co/eMgOZ5g1du
@transilienceai
13 Nov 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Threat Alert: CVE-2025-48703 CWP Critical Vulnerability 🚨 CVE-2025-48703 is a critical vulnerability in CWP (Control Web Panel, formerly CentOS Web Panel) affecting versions before 0.9.8.1205. This flaw allows unauthenticated remote attackers to execute arbitrary code
@ArmisSecurity
11 Nov 2025
80 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Control Web Panel [—] Nov 11, 2025 Product Security Advisory regarding CVE-2025-48703, an OS Command Injection Vulnerability. Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #ThreatIntelligence #LLM https://t.co/h7UzFRcH4P
@transilienceai
11 Nov 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
به تازگی برای CentOS Web Panel آسیب پذیری با کد شناسایی CVE-2025-48703 منتشر شده است که باعث اجرای کامند در shell می شود. تمام نسخه های قبل از 0.9.8.1204 ، دارای این آسیب پذیری می
@AmirHossein_sec
10 Nov 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Control Web Panel Security Advisory [—] Nov 10, 2025 Comprehensive analysis of CVE-2025-48703, a critical OS Command Injection vulnerability in Control Web Panel (CWP). Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1... https://t.co/BvBAWyelG1
@transilienceai
10 Nov 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Control Web Panel Security Advisory [—] Nov 08, 2025 Comprehensive analysis of CVE-2025-48703, a critical OS Command Injection vulnerability in Control Web Panel (CWP) leading to unauthenticated remote code execution. Checkout our Threat Intelligence Platform:... https://t
@transilienceai
8 Nov 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA adds 2 critical bugs to KEV: CVE-2025-11371 (file leak) & CVE-2025-48703 (RCE). Huntress sees active attacks. Patch NOW!
@CentlogixAgency
8 Nov 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-11-06 KEV: CVE-2025-48703 — CWP Control Web Panel NVD: CVE-2025-3125 — arbitrary file upload vulnerability News: ClickFix malware attacks evolve with multi-OS… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
6 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Urgent: Critical Web Panel Flaw Actively Exploited (CVE-2025-48703) https://t.co/qmt7eWd0Ky #CommandInjection #ControlWebPanel #cve-2025-48703 #ServerSecurity
@wizconsults
6 Nov 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical RCE in CWP (Control Web Panel) – CVE-2025-48703 • Affects versions < 0.9.8.1205 • Vulnerability: unauthenticated remote code execution via the t_total param in the filemanager changePerm endpoint • Real-world exploit potential (CISA KEV)
@bountyayush
6 Nov 2025
8 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🔍 𝐂𝐈𝐒𝐀 𝐰𝐚𝐫𝐧𝐬 𝐨𝐟 𝐜𝐫𝐢𝐭𝐢𝐜𝐚𝐥 𝐂𝐞𝐧𝐭𝐎𝐒 𝐖𝐞𝐛 𝐏𝐚𝐧𝐞𝐥 𝐛𝐮𝐠 𝐞𝐱𝐩𝐥𝐨𝐢𝐭𝐞𝐝 𝐢𝐧 𝐚𝐭𝐭𝐚𝐜𝐤𝐬 • CISA added CVE-2025-48703 to its KEV catal
@PurpleOps_io
5 Nov 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-11-05 KEV: CVE-2025-48703 — CWP Control Web Panel NVD: CVE-2025-12184 — MeetingList plugin for WordPress News: Google warns of new AI-powered malware… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
5 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Alert: Two new vulns added to the KEV catalog: • CVE-2025-11371 – Gladinet (file exposure) • CVE-2025-48703 – CWP (unauth RCE) Patch by Nov 25. Also flagged: active exploits in 3 WordPress plugins. #Cybersecurity #CISA #KEV #Infosec #Vulnerability https://t.co/E9fD
@CloneSystemsInc
5 Nov 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical #ControlWebPanel #vulnerability is actively exploited (CVE-2025-48703) https://t.co/ltGGhaXBau https://t.co/lXooiNMwXY
@evanderburg
5 Nov 2025
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Warns of CWP Vulnerability Exploited in the Wild A critical vulnerability in Control Web Panel (CWP), tracked as CVE-2025-48703, allows remote, unauthenticated command execution. The post CISA Warns of CWP Vulnerability Exploited in the Wild appeared first on SecurityWeek.
@DConsultinguk
5 Nov 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Warns of CWP Vulnerability Exploited in the Wild (CVE-2025-48703) https://t.co/PrcWjogBVh #patchmanagement
@eyalestrin
5 Nov 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CVE-2025-48703 and CVE-2025-11371 have been added to the CISA KEV Catalog. https://t.co/9idGUAHIKd
@DarkWebInformer
4 Nov 2025
3578 Impressions
6 Retweets
12 Likes
5 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-48703 #CWP Control Web Panel OS Command Injection Vulnerability https://t.co/rR8QN5yKJi
@ScyScan
4 Nov 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Today @CISACyber🛡️added Gladinet CentreStack and Triofox vulnerability CVE-2025-11371 & CWP vulnerability CVE-2025-48703 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/LMm64iCTbf & apply mitigation to protect your org from cyberattacks. #Cybersecu
@7thGensec
4 Nov 2025
58 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added Gladinet CentreStack and Triofox vulnerability CVE-2025-11371 & CWP vulnerability CVE-2025-48703 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoS
@CISACyber
4 Nov 2025
5216 Impressions
11 Retweets
30 Likes
1 Bookmark
1 Reply
1 Quote
🚨 CVE-2025-48703 - critical 🚨 CWP (Control Web Panel) < 0.9.8.1205 - Remote Code Execution > CWP (Control Web Panel) < 0.9.8.1205 contains a remote code execution caused by shell... 👾 https://t.co/4Ntj4TTfHu @pdnuclei #NucleiTemplates #cve
@pdnuclei_bot
24 Oct 2025
147 Impressions
1 Retweet
2 Likes
1 Bookmark
0 Replies
0 Quotes
[CVE-2025-48703: CRITICAL] Critical security flaw in CWP (Control Web Panel) before 0.9.8.1205 allows remote code execution via shell metacharacters. Attackers need knowledge of a valid non-root username.#cve,CVE-2025-48703,#cybersecurity https://t.co/goNaPC3jYb https://t.co/4wLD
@CveFindCom
19 Sept 2025
49 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
🚀 New PoC released for CVE-2025-48703 (CWP RCE)! Auto-generates high-hit user dictionaries based on domain traits for better exploitation success. 👉 https://t.co/vtLZIdLGnp #RCE #cybersecurity #CVE
@Oldman_19
7 Jul 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚡️The vulnerability details are now available: https://t.co/uC4D4KoLOz 🚨🚨CVE-2025-48703: Unauthenticated RCE in CentOS Web Panel! Attackers can run arbitrary commands with just a valid username. 🔥EXP: https://t.co/crBc0zZg3r ZoomEye Dork👉app="CentOS WebPanel"
@zoomeye_team
7 Jul 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚡️The vulnerability details are now available: https://t.co/uC4D4KoLOz 🚨🚨CVE-2025-48703: Unauthenticated RCE in CentOS Web Panel! Attackers can run arbitrary commands with just a valid username. ZoomEye Dork👉app="CentOS WebPanel" Over 1.8M vulnerable instances ex
@zoomeye_team
7 Jul 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-48703: RCE in Centos7 Web Panel (https://t.co/vMR5YChgWv) The vulnerability allows an attacker to bypass the authentication process and perform code injection.
@saremi_hos16480
6 Jul 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Remote code execution in CentOS Web Panel - CVE-2025-48703 https://t.co/dhDFT0pzaf
@akaclandestine
6 Jul 2025
1601 Impressions
4 Retweets
22 Likes
9 Bookmarks
0 Replies
0 Quotes
#exploit 1⃣ CVE-2025-48703: RCE in CentOS Web Panel - https://t.co/nugC3SZEEk 2⃣ CVE-2025-31200: Zero-click RCE vulnerability in Apple's iOS 18.x - https://t.co/og6oEa6nmj 3⃣ CVE-2025-32463: Escalation of Privilege to the root through sudo binary with chroot option -
@ksg93rd
6 Jul 2025
1193 Impressions
3 Retweets
29 Likes
9 Bookmarks
0 Replies
0 Quotes
Warning: New vulnerability in @CentOS Web Panel #CVE-2025-48703 allows authentication bypass and remote code execution by anyone with a valid username. Immediate action is required to secure your systems. Don’t wait—update now! https://t.co/Jf50ZtCu8H #Cybersecurity #Patch
@CCBalert
27 Jun 2025
216 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CentOS Web Panel(CWP)に未認証リモートコード実行の脆弱性(CVE-2025-48703)、20万以上のサーバーが対象 #セキュリティ対策Lab #セキュリティ #Security https://t.co/GlR0BIP9jU
@securityLab_jp
26 Jun 2025
108 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
GitHub - trh4ckn0n/CVE-2025-48703: Remote code exec cent os web panel by trhacknon - https://t.co/26ldvGJVWo
@piedpiper1616
26 Jun 2025
1391 Impressions
6 Retweets
13 Likes
5 Bookmarks
1 Reply
0 Quotes
CVE-2025-48703: Remote Code Execution in CentOS Web Panel A critical flaw in CentOS Web Panel allows unauthenticated RCE bypass and command injection, compromising over 200,000 servers. Update to v0.9.8.1205 now https://t.co/ExPN6u0cuh https://t.co/tBoECdwPsG
@freedomhack101
25 Jun 2025
104 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
🚨 Critical #CentOS Web Panel Vulnerability (#CVE-2025-48703) Exposes Thousands of Servers to Remote Command Execution https://t.co/P1DGXVxBcT
@UndercodeNews
25 Jun 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-48703: RCE in Centos7 Web Panel, high rating❗️ The vulnerability allows an attacker to bypass the authentication process and perform code injection. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/z9wNQtchyd #cybersecurity #vulnerability_map https://t.c
@Netlas_io
25 Jun 2025
1064 Impressions
6 Retweets
19 Likes
5 Bookmarks
0 Replies
0 Quotes
🚨 Critical RCE vulnerability (CVE-2025-48703) found in CentOS Web Panel! Unauthenticated attackers can execute arbitrary commands. Update CWP ASAP & tighten security! 🔥 #Cybersecurity #RCE #CentOS https://t.co/Pnf7IsmcI3
@fernandokarl
25 Jun 2025
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-48703 : Remote code execution in CentOS Web Panel https://t.co/Idzubb1Pvl https://t.co/GrnwKRAfZB
@antonio_taboada
25 Jun 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Remote code execution in CentOS Web Panel - CVE-2025-48703 https://t.co/O29ZYQHQjq
@lviru5
25 Jun 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:control-webpanel:webpanel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "345C6B1A-2B79-4105-A61C-B65D0AA4A33B",
"versionEndExcluding": "0.9.8.1205"
}
],
"operator": "OR"
}
]
}
]