CISA KEV remediation deadline for CWP exploit

Public Sector Action
2 unique sources, 2 articles

Summary

CISA added CVE-2025-48703 to the KEV catalog and set November 25 as the remediation deadline for federal entities using CentOS Web Panel (CWP). Agencies covered by BOD 22-01 must apply available updates, use vendor-provided mitigations, or stop using the product. The action matters because the flaw is being actively exploited and can lead to remote command execution.

Timeline

  1. 05.11.2025 20:26 · 1 article

    Researcher reports CWP flaw

    Initial Disclosure

    A Fenrisk security researcher reported CVE-2025-48703 to CentOS Web Panel on May 13. The flaw is in the file-manager `changePerm` endpoint: unauthenticated requests reach code that expects a logged-in user, and unsanitized `t_total` input can inject shell commands and spawn a reverse shell as the target user.

  2. 05.11.2025 20:26 · 1 article

    CWP releases 0.9.8.1205 fix

    Mitigation Patch Update

    CentOS Web Panel released version 0.9.8.1205 on June 18 to fix CVE-2025-48703, a flaw affecting all CWP versions before 0.9.8.1204 that allows remote unauthenticated attackers with knowledge of a valid username on a CWP instance to execute arbitrary shell commands as that user.

  3. 05.11.2025 20:26 · 3 articles

    CISA adds CVE-2025-48703 to KEV

    Legal Policy Action Update

    CISA added CVE-2025-48703 to the Known Exploited Vulnerabilities catalog and directed federal entities subject to BOD 22-01 to apply available security updates and vendor-provided mitigations, or stop using CentOS Web Panel, by November 25 after warning that threat actors are exploiting the flaw.
