These critical security bugs put Linux servers at risk of attack


Researchers have discovered that Control Web Panel (CWP), a popular web hosting management software, carried with it two flaws which, when chained together, lead to a remote code execution (RCE) vulnerability on certain Linux-powered servers.

A report from Octagon Networks researcher Paulos Yibelo details two vulnerabilities in CWP: CVE-2021-45467 and CVE-2021-45466. CWP supports CentOS, Rocky Linux, AlmaLinux, and Oracle Linux.

The blog post gets very technical about the vulnerabilities, but the short version is that some parts of the CWP panel are exposed in the webroot without authentication.

Exposed

“Turns out, not a lot is exposed,” the blog post concludes. 

Yibelo said the team will release a full proof-of-concept for red teams that achieves pre-auth RCE once enough servers have migrated to the latest versions and thus mitigated the threat.

It's been a tough week for Linux fans, after researchers from Qualys also recently identified a decade-old “extremely severe” vulnerability affecting every major distro for the operating system (OS).

Mitigating high severity threats

The vulnerability, “hiding in plain sight” for more than 12 years, is a memory-corruption bug in polkit’s pkexec.

As the researchers explain, pkexec is an SUID-root program installed by default. Malicious actors could exploit the bug to gain full root privileges on the target machine and then do as they please, even install malware or ransomware.
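The reason a pkexec bug is so serious is the set-user-ID-root mechanism the article mentions: any executable with that bit set and owned by root runs as root no matter who launches it, so a flaw in it is a local privilege-escalation path. The script below is an added example, not code from the article or from the Qualys research, that inventories such executables on a host so an admin knows what that surface looks like. It assumes a POSIX sh and find(1) and that binaries live in the usual /usr/bin, /usr/sbin, /bin and /sbin directories; the pkexec path /usr/bin/pkexec is the common default and may differ on your distribution.

```shell
#!/bin/sh
# Added example (not from the article): inventory of set-user-ID-root
# executables, the class of program pkexec belongs to. Every file this
# reports runs as root for any local user who can execute it, so a
# memory-corruption bug in any of them is a root-escalation bug.
# Assumptions: POSIX sh, POSIX find(1); the directory list below is the
# conventional layout and may need adjusting per distribution.

# is_setuid PATH: succeed (exit 0) if PATH carries the set-user-ID bit.
is_setuid() {
    [ -n "$(find "$1" -prune -perm -4000 -print 2>/dev/null)" ]
}

# is_setuid_root PATH: succeed if PATH is set-user-ID *and* owned by root,
# the combination that elevates the caller to uid 0.
is_setuid_root() {
    [ -n "$(find "$1" -prune -perm -4000 -user root -print 2>/dev/null)" ]
}

# list_setuid_owned DIR OWNER: print every regular set-user-ID file under
# DIR owned by OWNER, one path per line, sorted. With OWNER=root this is
# the host's privilege-escalation surface.
list_setuid_owned() {
    find "$1" -type f -perm -4000 -user "$2" -print 2>/dev/null | sort
}

# count_setuid_owned DIR OWNER: number of files list_setuid_owned reports.
count_setuid_owned() {
    list_setuid_owned "$1" "$2" | wc -l | tr -d ' '
}

# Stand-alone run: report on pkexec (assumed default path) and then list
# the set-user-ID-root files in the common binary directories, skipping
# symlinked directories such as /bin -> /usr/bin to avoid duplicates.
if is_setuid_root /usr/bin/pkexec; then
    echo "pkexec: set-user-ID root is present; make sure polkit is patched"
else
    echo "pkexec: absent or not set-user-ID root at /usr/bin/pkexec"
fi
for d in /usr/bin /usr/sbin /bin /sbin; do
    if [ ! -d "$d" ] || [ -L "$d" ]; then continue; fi
    echo "== $(count_setuid_owned "$d" root) set-user-ID-root file(s) under $d =="
    list_setuid_owned "$d" root
done
```

Run it as any user; no root is needed to read mode bits. Anything the listing shows that the host does not need (on a server, that is often most of the list) is a candidate for removal or for dropping the bit, and anything it does need is a candidate for the "update as soon as possible" advice the article closes with.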

Also recently, a high-severity vulnerability was found in Ubuntu, allowing malicious actors to crash the system or run software in administrator mode.

The vulnerability, tracked as CVE-2022-0185, allegedly affects all of the Ubuntu releases that are still being supported. That includes Ubuntu 21.10 Impish Indri with Linux kernel 5.13, Ubuntu 21.04 Hirsute Hippo with Linux kernel 5.11, Ubuntu 20.04 LTS Focal Fossa, and Ubuntu 18.04 LTS Bionic Beaver, both with Linux kernel 5.4 LTS.

As usual, admins are urged to update their systems to the latest version as soon as possible.

Via: ThreatPost

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.