Control Web Panel
WebPanel => Updates => Topic started by: vtheod on January 26, 2022, 02:58:48 PM
-
Hello all!
After reading about the CVE-2021-45466 vulnerability, I did a cwp update to my servers. The problem is that in all servers, the update returns the following errors:
rm: cannot remove ‘/usr/local/cwpsrv/htdocs/admin/user/loader.php’: Permission denied
rm: cannot remove ‘/usr/local/cwpsrv/htdocs/admin/user/index.php’: Permission denied
rm: cannot remove ‘/usr/local/cwpsrv/htdocs/admin/user/design’: Permission denied
Since these files are the vulnerable ones, should I delete them manually or am I going to break something?
All servers are running on CentOS 7.9.2009 with CWPpro version: 0.9.8.1122.
Thanks in advance,
Vassilis
-
I think that is ok remove these files because the remove command is part of the update script, but the problem is that you can't remove these files in File Manager or via SSH using RM command... and I tried remove logged as root and using the command SUDO.
If you know how we can remove these files... will help.
[]'s
-
can you post here the permissions and attributes these files has?
Use
ls -all filename
and this:
lsattr filename
-
can you post here the permissions and attributes these files has?
Use
ls -all filename
and this:
lsattr filename
I just checked myself. They are locked. You cant delete them even with root and sudo, unless you remove the lock attribute, with root or the owner of the file.
Do I need to delete these files on my server?
Also, can someone tell my why people keep saying that CWP is open source when everything is encrypted with IonCube? How do several sites talking about this CVE show the decrypted content of these files?
-
How can I check if I have been targeted by this?
-
If you know how we can remove these files... will help.
I was thinking of connecting to the server through the emergency console and delete the files. I can't think of some other way.
Anyway, before we take any actions, I think that the developers should give us an answer to this.
-
If you know how we can remove these files... will help.
I was thinking of connecting to the server through the emergency console and delete the files. I can't think of some other way.
Anyway, before we take any actions, I think that the developers should give us an answer to this.
You can delete the files with:
To unlock the file: chattr -i file
To delete: rm file
but dont do it yet. I'm waiting for the devs to say something as well
-
Already fixed and you didn't need to do anything just stay updated (CWP)
-
Already fixed and you didn't need to do anything just stay updated (CWP)
Nothing changed... the error in update_cwp script persist when it try remove these files.
(https://i.ibb.co/qBsWsSc/Screenshot-20220127-122112-1.png) (https://ibb.co/jhMWMNQ)
-
this shouldn't do any harm