CVE-2025-48703

CRITICAL KEV NUCLEI

CWP <0.9.8.1205 - RCE

Title source: llm

Description

CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1205 allows unauthenticated remote code execution via shell metacharacters in the t_total parameter in a filemanager changePerm request. A valid non-root username must be known.

Exploits (5)

nomisec WORKING POC 3 stars
by Skynoxk · remote
https://github.com/Skynoxk/CVE-2025-48703
nomisec WORKING POC 2 stars
by ftz7 · poc
https://github.com/ftz7/PoC-CVE-2025-48703
nomisec SUSPICIOUS
by itstarsec · remote
https://github.com/itstarsec/CVE-2025-48703
vulncheck_xdb WORKING POC
remote
https://github.com/137f/PoC-CVE-2025-48703

Nuclei Templates (1)

CWP (Control Web Panel) < 0.9.8.1205 - Remote Code Execution
CRITICAL by theamanrawat
Shodan: Server: cwpsrv

Scores

CVSS v3 9.0
EPSS 0.6202
EPSS Percentile 98.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Details

CISA KEV 2025-11-04
VulnCheck KEV 2025-08-15
ENISA EUVD EUVD-2025-30324
CWE CWE-78
Status published
Products (1)
control-webpanel/webpanel < 0.9.8.1205
Published Sep 19, 2025
KEV Added Nov 04, 2025
Tracked Since Feb 18, 2026