{"id":19180,"date":"2026-06-22T13:19:35","date_gmt":"2026-06-22T13:19:35","guid":{"rendered":"https:\/\/truehost.com\/support\/?post_type=docs&p=19180"},"modified":"2026-06-22T13:40:41","modified_gmt":"2026-06-22T13:40:41","password":"","slug":"centos-web-panel-cwp-security-vulnerability-remediation-guide","status":"publish","type":"docs","link":"https:\/\/truehost.com\/support\/knowledge-base\/centos-web-panel-cwp-security-vulnerability-remediation-guide\/","title":{"rendered":"CentOS Web Panel (CWP) Security Vulnerability \u2013 Remediation Guide"},"content":{"rendered":"\n
\n

DISCLAIMER:<\/strong> This advisory applies only to users running CentOS Web Panel (CWP). If you are not using CWP, you do not need to take any action based on this guide.<\/em><\/p>\n\n\n\n

For users running CentOS 7 or older:<\/strong> We strongly advise you to back up your files and have your server reinstalled with CentOS 8, CentOS 9, AlmaLinux 8, AlmaLinux 9, or AlmaLinux 10.<\/em><\/p>\n<\/blockquote>\n\n\n\n

\n

Overview<\/h2>\n\n\n\n

A critical vulnerability has been identified in CentOS Web Panel (CWP) that allows malicious users to gain unauthorized root access to affected servers. The vulnerability exists within the CWP interface and permits attackers to inject and execute arbitrary shell commands with root privileges.<\/p>\n\n\n\n

Severity:<\/strong> Critical
Affected Component:<\/strong> CWP Interface
Required Action:<\/strong> Immediate<\/p>\n\n\n\n

For detailed technical information, see: CVE-2025-67888<\/a><\/p>\n\n\n\n

Remediation Steps<\/h2>\n\n\n\n

Step 1: Run the Security Remediation Script (Required)<\/h3>\n\n\n\n

The fastest and most reliable way to address this vulnerability is to execute our prepared remediation script. Choose one of the following commands based on your preferred download utility:<\/p>\n\n\n\n

Using cURL:<\/h4>\n\n\n\n
curl -s https:\/\/fsn114.truehost.cloud\/download\/CVE_cwp-2026-remediation.sh -o \/tmp\/remediation.sh && sudo bash \/tmp\/remediation.sh\n<\/code><\/pre>\n\n\n\n
Using wget:<\/h4>\n\n\n\n
wget -q https:\/\/fsn114.truehost.cloud\/download\/CVE_cwp-2026-remediation.sh -O \/tmp\/remediation.sh && sudo bash \/tmp\/remediation.sh\n<\/code><\/pre>\n\n\n\n
Note:<\/strong> The script must be executed with root\/sudo privileges.<\/p>\n\n\n\n
Step 2: Install and Configure Mod Security (Recommended)<\/h3>\n\n\n\n
Mod Security provides an additional layer of protection by filtering malicious requests at the web server level.<\/p>\n\n\n\n
Installation Instructions:<\/h4>\n\n\n\n
    \n
  1. Log into CWP as root<\/li>\n\n\n\n
  2. Navigate to Security<\/strong> \u2192 Mod Security<\/strong><\/li>\n\n\n\n
  3. You will see a message indicating: “Mod Security configuration is: not installed”<\/li>\n\n\n\n
  4. Select your preferred rule set from the options below:\n
      \n
    • OWASP Old<\/strong> \u2013 Traditional OWASP rules (default with CWP)<\/li>\n\n\n\n
    • OWASP Latest<\/strong> \u2013 Latest OWASP rules with automatic updates (CWP Pro required)<\/em><\/li>\n\n\n\n
    • Comodo WAF<\/strong> \u2013 Comodo Web Application Firewall with automatic updates (CWP Pro required)<\/em><\/li>\n<\/ul>\n<\/li>\n\n\n\n
    • Click the Install Mod Security<\/strong> button<\/li>\n\n\n\n
    • Confirm the installation at the dialog prompt<\/li>\n\n\n\n
    • Monitor the installation log until you see: “Mod Security Successfully Installed”<\/li>\n<\/ol>\n\n\n\n
      Step 3: Update CWP to the Latest Version<\/h3>\n\n\n\n
      Ensure CWP is running the most recent version with all security patches applied.<\/p>\n\n\n\n
      Execute the following commands in order:<\/p>\n\n\n\n
      sh \/usr\/local\/cwpsrv\/htdocs\/resources\/scripts\/update_cwp<\/code><\/pre>\n\n\n\n
      Then:<\/p>\n\n\n\n
      sh \/scripts\/update_cwp\n<\/code><\/pre>\n\n\n\n
      Important:<\/strong> Note any error messages that appear during the update process. If you encounter errors, please contact support with the error details.<\/p>\n\n\n\n
      Step 4: Rerun the Remediation Script (Recommended)<\/h3>\n\n\n\n
      After completing the above steps, rerun the remediation script to ensure all protections are properly applied:<\/p>\n\n\n\n
      Using cURL:<\/h4>\n\n\n\n
      curl -s https:\/\/fsn114.truehost.cloud\/download\/CVE_cwp-2026-remediation.sh -o \/tmp\/remediation.sh && sudo bash \/tmp\/remediation.sh\n<\/code><\/pre>\n\n\n\n
      Using wget:<\/h4>\n\n\n\n
      wget -q https:\/\/fsn114.truehost.cloud\/download\/CVE_cwp-2026-remediation.sh -O \/tmp\/remediation.sh && sudo bash \/tmp\/remediation.sh\n<\/code><\/pre>\n\n\n\n
      Verification<\/h2>\n\n\n\n
      After completing all remediation steps, verify that:<\/p>\n\n\n\n
        \n
      • [ ] The remediation script completed without errors<\/li>\n\n\n\n
      • [ ] Mod Security is installed and active<\/li>\n\n\n\n
      • [ ] CWP has been updated to the latest version<\/li>\n\n\n\n
      • [ ] CWP interface is functioning normally<\/li>\n\n\n\n
      • [ ] Your web applications continue to operate as expected<\/li>\n<\/ul>\n\n\n\n
        Support<\/h2>\n\n\n\n
        If you encounter any issues during the remediation process, or if you have questions about this vulnerability, our support team is available to assist.<\/p>\n\n\n\n
        Contact:<\/strong> support@truehost.cloud<\/p>\n\n\n\n
        When contacting support, please include:<\/p>\n\n\n\n
          \n
        • Any error messages encountered<\/li>\n\n\n\n
        • Your CWP version<\/li>\n\n\n\n
        • Steps you have already completed<\/li>\n\n\n\n
        • Temporary access to the server, sharable via https:\/\/pass.cloudoon.com\/<\/li>\n<\/ul>\n\n\n\n
          Summary<\/h2>\n\n\n\n
          Step<\/th>Action<\/th>Priority<\/th><\/tr><\/thead>
          1<\/td>Run remediation script<\/td>Required<\/strong><\/td><\/tr>
          2<\/td>Install Mod Security<\/td>Required<\/td><\/tr>
          3<\/td>Update CWP<\/td>Required<\/td><\/tr>
          4<\/td>Rerun remediation script<\/td>Recommended<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
          Timeline:<\/strong> Complete all steps as soon as possible to minimize security exposure.<\/p>\n\n\n\n
          ~ Truehost Team<\/p>\n\n\n\n
          <\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"
          DISCLAIMER: This advisory applies only to users running CentOS Web Panel (CWP). If you are not using CWP, you do not need to take any action based on this guide. For users running CentOS 7 or older: We strongly advise you to back up your files and have your server reinstalled with CentOS 8, CentOS […]<\/p>\n","protected":false},"author":26,"featured_media":0,"comment_status":"open","ping_status":"closed","template":"","meta":{"_eb_attr":"","_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"doc_category":[2132,2120,1824,1835],"doc_tag":[],"class_list":["post-19180","docs","type-docs","status-publish","hentry","doc_category-cloudpanel","doc_category-cwp-panel","doc_category-dedicated-servers","doc_category-security"],"year_month":"2026-06","word_count":580,"total_views":0,"reactions":{"happy":0,"normal":0,"sad":0},"author_info":{"name":"B O","author_nicename":"bravin","author_url":"https:\/\/truehost.com\/support\/author\/bravin\/"},"doc_category_info":[{"term_name":"Cloudpanel","term_url":"https:\/\/truehost.com\/support\/docs-category\/cloudpanel\/"},{"term_name":"CWP Panel","term_url":"https:\/\/truehost.com\/support\/docs-category\/cwp-panel\/"},{"term_name":"dedicated servers","term_url":"https:\/\/truehost.com\/support\/docs-category\/dedicated-servers\/"},{"term_name":"Security","term_url":"https:\/\/truehost.com\/support\/docs-category\/security\/"}],"doc_tag_info":[],"yoast_head":"\nCentOS Web Panel (CWP) Security Vulnerability \u2013 Remediation Guide -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/truehost.com\/support\/knowledge-base\/centos-web-panel-cwp-security-vulnerability-remediation-guide\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CentOS Web Panel (CWP) Security Vulnerability \u2013 Remediation Guide -\" \/>\n<meta property=\"og:description\" content=\"DISCLAIMER: This advisory applies only to users running CentOS Web Panel (CWP). If you are not using CWP, you do not need to take any action based on this guide. For users running CentOS 7 or older: We strongly advise you to back up your files and have your server reinstalled with CentOS 8, CentOS […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/truehost.com\/support\/knowledge-base\/centos-web-panel-cwp-security-vulnerability-remediation-guide\/\" \/>\n<meta property=\"article:modified_time\" content=\"2026-06-22T13:40:41+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/truehost.com\\\/support\\\/knowledge-base\\\/centos-web-panel-cwp-security-vulnerability-remediation-guide\\\/\",\"url\":\"https:\\\/\\\/truehost.com\\\/support\\\/knowledge-base\\\/centos-web-panel-cwp-security-vulnerability-remediation-guide\\\/\",\"name\":\"CentOS Web Panel (CWP) Security Vulnerability \u2013 Remediation Guide -\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/truehost.com\\\/support\\\/#website\"},\"datePublished\":\"2026-06-22T13:19:35+00:00\",\"dateModified\":\"2026-06-22T13:40:41+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/truehost.com\\\/support\\\/knowledge-base\\\/centos-web-panel-cwp-security-vulnerability-remediation-guide\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/truehost.com\\\/support\\\/knowledge-base\\\/centos-web-panel-cwp-security-vulnerability-remediation-guide\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/truehost.com\\\/support\\\/knowledge-base\\\/centos-web-panel-cwp-security-vulnerability-remediation-guide\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/truehost.com\\\/support\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CentOS Web Panel (CWP) Security Vulnerability \u2013 Remediation Guide\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/truehost.com\\\/support\\\/#website\",\"url\":\"https:\\\/\\\/truehost.com\\\/support\\\/\",\"name\":\"\",\"description\":\"Help In a Click\",\"publisher\":{\"@id\":\"https:\\\/\\\/truehost.com\\\/support\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/truehost.com\\\/support\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/truehost.com\\\/support\\\/#organization\",\"name\":\"Truehost Kenya\",\"url\":\"https:\\\/\\\/truehost.com\\\/support\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/truehost.com\\\/support\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/truehost.com\\\/support\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/cropped-image_2026-04-16_174808866.png\",\"contentUrl\":\"https:\\\/\\\/truehost.com\\\/support\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/cropped-image_2026-04-16_174808866.png\",\"width\":240,\"height\":48,\"caption\":\"Truehost Kenya\"},\"image\":{\"@id\":\"https:\\\/\\\/truehost.com\\\/support\\\/#\\\/schema\\\/logo\\\/image\\\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CentOS Web Panel (CWP) Security Vulnerability \u2013 Remediation Guide -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/truehost.com\/support\/knowledge-base\/centos-web-panel-cwp-security-vulnerability-remediation-guide\/","og_locale":"en_US","og_type":"article","og_title":"CentOS Web Panel (CWP) Security Vulnerability \u2013 Remediation Guide -","og_description":"DISCLAIMER: This advisory applies only to users running CentOS Web Panel (CWP). If you are not using CWP, you do not need to take any action based on this guide. For users running CentOS 7 or older: We strongly advise you to back up your files and have your server reinstalled with CentOS 8, CentOS […]","og_url":"https:\/\/truehost.com\/support\/knowledge-base\/centos-web-panel-cwp-security-vulnerability-remediation-guide\/","article_modified_time":"2026-06-22T13:40:41+00:00","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/truehost.com\/support\/knowledge-base\/centos-web-panel-cwp-security-vulnerability-remediation-guide\/","url":"https:\/\/truehost.com\/support\/knowledge-base\/centos-web-panel-cwp-security-vulnerability-remediation-guide\/","name":"CentOS Web Panel (CWP) Security Vulnerability \u2013 Remediation Guide -","isPartOf":{"@id":"https:\/\/truehost.com\/support\/#website"},"datePublished":"2026-06-22T13:19:35+00:00","dateModified":"2026-06-22T13:40:41+00:00","breadcrumb":{"@id":"https:\/\/truehost.com\/support\/knowledge-base\/centos-web-panel-cwp-security-vulnerability-remediation-guide\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/truehost.com\/support\/knowledge-base\/centos-web-panel-cwp-security-vulnerability-remediation-guide\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/truehost.com\/support\/knowledge-base\/centos-web-panel-cwp-security-vulnerability-remediation-guide\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/truehost.com\/support\/"},{"@type":"ListItem","position":2,"name":"CentOS Web Panel (CWP) Security Vulnerability \u2013 Remediation Guide"}]},{"@type":"WebSite","@id":"https:\/\/truehost.com\/support\/#website","url":"https:\/\/truehost.com\/support\/","name":"","description":"Help In a Click","publisher":{"@id":"https:\/\/truehost.com\/support\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/truehost.com\/support\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/truehost.com\/support\/#organization","name":"Truehost Kenya","url":"https:\/\/truehost.com\/support\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/truehost.com\/support\/#\/schema\/logo\/image\/","url":"https:\/\/truehost.com\/support\/wp-content\/uploads\/2026\/04\/cropped-image_2026-04-16_174808866.png","contentUrl":"https:\/\/truehost.com\/support\/wp-content\/uploads\/2026\/04\/cropped-image_2026-04-16_174808866.png","width":240,"height":48,"caption":"Truehost Kenya"},"image":{"@id":"https:\/\/truehost.com\/support\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/truehost.com\/support\/wp-json\/wp\/v2\/docs\/19180","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/truehost.com\/support\/wp-json\/wp\/v2\/docs"}],"about":[{"href":"https:\/\/truehost.com\/support\/wp-json\/wp\/v2\/types\/docs"}],"author":[{"embeddable":true,"href":"https:\/\/truehost.com\/support\/wp-json\/wp\/v2\/users\/26"}],"replies":[{"embeddable":true,"href":"https:\/\/truehost.com\/support\/wp-json\/wp\/v2\/comments?post=19180"}],"version-history":[{"count":2,"href":"https:\/\/truehost.com\/support\/wp-json\/wp\/v2\/docs\/19180\/revisions"}],"predecessor-version":[{"id":19183,"href":"https:\/\/truehost.com\/support\/wp-json\/wp\/v2\/docs\/19180\/revisions\/19183"}],"wp:attachment":[{"href":"https:\/\/truehost.com\/support\/wp-json\/wp\/v2\/media?parent=19180"}],"wp:term":[{"taxonomy":"doc_category","embeddable":true,"href":"https:\/\/truehost.com\/support\/wp-json\/wp\/v2\/doc_category?post=19180"},{"taxonomy":"doc_tag","embeddable":true,"href":"https:\/\/truehost.com\/support\/wp-json\/wp\/v2\/doc_tag?post=19180"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}