Control Web Panel (CWP), a server management tool formerly known as CentOS Web Panel, just corrected a serious vulnerability that hackers are actively utilising.

The security flaw, known as CVE-2022-44877, has a critical severity rating of 9.8 out of 10, as it enables remote code execution without authentication by an attacker.

On January 3, researcher Numan Türle of Gais Cyber Security published a proof-of-concept (PoC) vulnerability and a video demonstrating how it operates after initially reporting the problem in the fall of last year.

Security experts discovered hackers using the issue three days later to get remote access to unpatched systems and discover additional susceptible workstations.

On October 25, 2022, CWP version 0.9.8.1147 was released to address CVE-2022-44877, a problem that existed in earlier iterations of the panel.

When searching for CWP servers on the Shodan platform, CloudSek discovered more than 400,000 CWP instances that were up and made their technical analysis of the PoC exploit code available.

Researchers at the Shadowserver Foundation who saw the vulnerability being exploited indicate that 38,000 CWP instances are detected daily in their scans.

This number represents the platform's population rather than the population of vulnerable computers.