CISA warns that threat actors are exploiting a critical remote command execution vulnerability in CentOS Web Panel (CWP), impacting all versions before 0.9.8.1204. Organizations, especially federal entities, are urged to apply security updates or cease using the affected product by November 25. #CWP #CVE-2025-48703 #KEV
Key points
- CISA has added the vulnerability to its Known Exploited Vulnerabilities catalog.
- The flaw allows unauthenticated remote attackers to execute shell commands on CWP instances.
- The vulnerability was demonstrated on CentOS 7 by security researcher Maxime Rinaudo.
- A fix was released by CWP in version 0.9.8.1205 on June 18.
- Federal agencies are advised to patch the vulnerability or stop using the product by November 25.