This vulnerability in mywebtonet PHP/MySQL CPU performance statistics (up to version 1.2.1) arises from unsafe deserialization of untrusted data, enabling object injection attacks. Such attacks can allow an unauthenticated remote attacker to execute arbitrary code or manipulate application logic, resulting in full system compromise. The CVSS v3.1 base score is 9.8, reflecting network attack vector, no required privileges or user interaction, and high impact on confidentiality, integrity, and availability. No official patch or vendor advisory is currently available, and the product is not a cloud service.

Successful exploitation can lead to complete compromise of the affected system, including unauthorized code execution, data manipulation, and denial of service. The vulnerability is remotely exploitable without authentication or user interaction, making it highly severe. There are no known exploits in the wild at this time.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, avoid exposing the vulnerable service to untrusted networks and consider implementing network-level protections to restrict access. Monitor for vendor updates regarding patches or mitigations.