Article Details
Scrape Timestamp (UTC): 2025-11-05 06:12:35.617
Source: https://thehackernews.com/2025/11/cisa-adds-gladinet-and-cwp-flaws-to-kev.html
Original Article Text
CISA Adds Gladinet and CWP Flaws to KEV Catalog Amid Active Exploitation Evidence

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Gladinet and Control Web Panel (CWP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities in question are listed below -

The development comes weeks after cybersecurity company Huntress said it detected active exploitation attempts targeting CVE-2025-11371, with unknown threat actors leveraging the flaw to run reconnaissance commands (e.g., ipconfig /all) passed in the form of a Base64-encoded payload.

There are currently no public reports on how CVE-2025-48703 is being weaponized in real-world attacks. Technical details of the flaw were, however, shared by security researcher Maxime Rinaudo in June 2025, shortly after it was patched in version 0.9.8.1205 following responsible disclosure on May 13. "It allows a remote attacker who knows a valid username on a CWP instance to execute pre-authenticated arbitrary commands on the server," Rinaudo said.

In light of active exploitation, Federal Civilian Executive Branch (FCEB) agencies are required to apply the necessary fixes by November 25, 2025, to secure their networks.

The addition of the two flaws to the KEV catalog follows reports from Wordfence about the exploitation of critical security vulnerabilities impacting three WordPress plugins and themes -

WordPress site users relying on the aforementioned plugins and themes are advised to update them to the latest version as soon as possible, use strong passwords, and audit their sites for signs of malware or the presence of unexpected accounts.
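The Huntress observation above (reconnaissance commands such as ipconfig /all delivered as a Base64-encoded payload) suggests a simple detection a defender can run over web request logs: decode every Base64-looking token and flag decoded text that contains a known reconnaissance command. The following is an added example written for this page; it is not code from The Hacker News, Huntress or Gladinet. The log format, the parameter and field names ("p", "enc") and the sample log lines are constructed for illustration, and nothing here assumes the actual request path used against CVE-2025-11371. The command list goes beyond the single command the article names with a few other common Windows recon commands.

```python
"""Flag Base64-encoded reconnaissance commands in web request logs.

Added example for this page; not code from The Hacker News, Huntress or
Gladinet. The log format, the query/field names ("p", "enc") and the
sample lines are constructed for illustration. Nothing here encodes the
real request path used against CVE-2025-11371.
"""
import base64
import re
from urllib.parse import unquote

# Windows recon commands worth flagging when they turn up inside a decoded
# request payload. "ipconfig /all" is the command the article cites; the
# rest are assumed additions a defender would normally include.
RECON_PATTERNS = [
    re.compile(r"\bipconfig(?:\s+/all)?\b", re.I),
    re.compile(r"\bwhoami\b", re.I),
    re.compile(r"\bsysteminfo\b", re.I),
    re.compile(r"\bnet\s+(?:user|group|localgroup)\b", re.I),
    re.compile(r"\bnltest\b", re.I),
    re.compile(r"\btasklist\b", re.I),
]

# A run of Base64 alphabet (standard or URL-safe) long enough to carry a
# command, with optional padding. The 16-character floor is arbitrary.
B64_TOKEN = re.compile(r"[A-Za-z0-9+/_-]{16,}={0,2}")


def decode_b64_candidates(text):
    """Yield decoded text for every Base64-looking token in `text`.

    Tolerates the URL-safe alphabet and stripped padding, and recognises
    the UTF-16LE encoding that PowerShell -EncodedCommand uses by the
    density of NUL bytes in the decoded output.
    """
    for match in B64_TOKEN.finditer(text):
        token = match.group(0).replace("-", "+").replace("_", "/")
        token += "=" * (-len(token) % 4)
        try:
            raw = base64.b64decode(token, validate=True)
        except ValueError:  # binascii.Error is a subclass of ValueError
            continue
        if raw and raw[1::2].count(0) > len(raw) // 4:
            decoded = raw.decode("utf-16-le", errors="replace")
        else:
            decoded = raw.decode("utf-8", errors="replace")
        # Binary junk that merely happened to look like Base64 is skipped.
        if decoded and all(c.isprintable() or c in "\r\n\t" for c in decoded):
            yield decoded


def scan_request_log(lines):
    """Return (line_no, decoded_payload, matched_command) for each hit."""
    hits = []
    for line_no, line in enumerate(lines, start=1):
        for decoded in decode_b64_candidates(unquote(line)):
            for pattern in RECON_PATTERNS:
                found = pattern.search(decoded)
                if found:
                    hits.append((line_no, decoded, found.group(0)))
                    break  # one finding per decoded token is enough
    return hits


def _b64(text, encoding="utf-8"):
    """Helper used only to build the constructed sample log below."""
    return base64.b64encode(text.encode(encoding)).decode("ascii")


# Constructed sample log (combined-format style, trimmed). The field names
# and paths are invented for the example.
SAMPLE_LOG = [
    '10.0.0.5 - - [04/Nov/2025:10:01:02 +0000] "GET /portal/ HTTP/1.1" 200 512',
    # UTF-8 Base64 of a cmd.exe recon one-liner in a query parameter.
    f'203.0.113.7 - - [04/Nov/2025:10:01:09 +0000] '
    f'"GET /portal/?p={_b64("cmd.exe /c ipconfig /all")} HTTP/1.1" 200 88',
    # UTF-16LE Base64, the shape a PowerShell -EncodedCommand payload has.
    f'203.0.113.7 - - [04/Nov/2025:10:01:15 +0000] '
    f'"POST /portal/ HTTP/1.1" 200 88 enc={_b64("whoami; systeminfo", "utf-16-le")}',
    # Base64 that decodes to harmless text; must not be flagged.
    f'10.0.0.6 - - [04/Nov/2025:10:02:00 +0000] '
    f'"GET /portal/?p={_b64("hello from the monitoring job")} HTTP/1.1" 200 12',
]


if __name__ == "__main__":
    for line_no, payload, command in scan_request_log(SAMPLE_LOG):
        print(f"line {line_no}: {command!r} in decoded payload {payload!r}")
```

Run against the constructed log, the scanner reports the cmd.exe line (decoded command "ipconfig /all") and the UTF-16LE line (decoded "whoami; systeminfo") and stays silent on the benign Base64. The NUL-density check matters in practice: a PowerShell -EncodedCommand payload decoded as UTF-8 reads as "w\x00h\x00o\x00..." and would slip past a plain substring match.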
Daily Brief Summary
CISA has added vulnerabilities in Gladinet and Control Web Panel (CWP) to its Known Exploited Vulnerabilities catalog, citing active exploitation evidence.
Huntress detected exploitation attempts on CVE-2025-11371, with attackers using Base64-encoded payloads for reconnaissance commands like ipconfig /all.
CVE-2025-48703 allows remote attackers to execute pre-authenticated arbitrary commands if they know a valid username on a CWP instance.
Federal Civilian Executive Branch agencies must implement necessary patches by November 25, 2025, to protect their networks from these vulnerabilities.
The vulnerabilities' inclusion in the KEV catalog follows similar reports of critical flaws in WordPress plugins and themes, urging users to update and secure their sites.
Organizations are advised to update affected software immediately, strengthen password policies, and conduct thorough audits for signs of compromise.
The proactive measures by CISA aim to mitigate risks and enhance the security posture of federal and private sector networks.