RCE Alert: Managing Vulnerabilities

Two critical bugs discovered in Control Web Panel mean that an unauthenticated attacker can gain remote code execution (RCE) as root on Linux servers. Researchers at Octagon found a file inclusion vulnerability and a file write flaw that result in RCE when chained together.

A control panel is an online interface that allows you to control different aspects of your web server. Control Web Panel (CWP) is popular open-source software used for managing dedicated web hosting servers and virtual private servers. It takes care of everything you could do by logging into your server, but eliminates the need to connect via SSH every time you want to complete a small task. CWP isn’t the largest web-hosting manager out there, but it is used by more than 200k servers worldwide.

Remote code execution (RCE) is a category of cyberattack in which threat actors can remotely run malicious code, install anything including malware or spyware, and even take over full operation of another computer or system. It is one of the worst vulnerability classes out there due to the degree of control an attacker can obtain and the potential for privilege escalation.

CWP wasn’t the only one this week. Another vulnerability that was waiting to be discovered is a new CVE named “PwnKit”, which is found in every default Linux distribution and gives access to root privileges on the system using the default Polkit configuration. Numerous patches and temporary mitigations have been released, and the Polkit maintainers have released patches on their GitHub, strongly recommending that they be applied.

Staying ahead of vulnerabilities doesn’t need to be stressful. Here are our top 3 tips to smoothly manage vulnerabilities:

  1. Those who know that something is coming are better prepared to face it than those who do not know! Check the latest cyber news, advisories and vulnerabilities daily, through news reports or automatic feeds. Stay current with the latest releases and warnings from CISA and others.
  2. Take a full risk and vulnerability assessment. A systematic review of a company’s security posture will identify vulnerabilities, recommend remediation, and assign severity levels to help prioritize your actions. It’s the best way to ensure maximum security controls are in place to preempt the issues that can come along. 
  3. Get that response team in place! When people know their roles in responding to a vulnerability or worse, mitigation can take place quickly and efficiently. Clear inventory, roles and responsibilities will facilitate a smooth response without disturbing the company’s daily business.
