Researchers have discovered two critical bugs in Control Web Panel (CWP) – a popular web hosting management software used by 200K+ servers – that could allow for remote code execution (RCE) as root on vulnerable Linux servers. CWP, formerly known as CentOS Web Panel, is an open-source Linux control panel software used for creating and managing web hosting environments.

Read full article on Threat Post