Lucene search
K

14 matches found

Metasploit
Metasploit
added 2026/05/18 7:2 p.m.326 views

cPanel/WHM CRLF Injection Authentication Bypass RCE

Exploits CVE-2026-41940, a CRLF injection in cPanel/WHM's cpsrvd daemon that allows unauthenticated remote code execution as root. The Basic-auth handler writes the password to the raw session file without stripping newlines. Omitting the ob-part of the session cookie bypasses the encoder, so...

9.8CVSS6.8AI score0.981EPSS
Exploits64
Packet Storm
Packet Storm
added 2026/05/18 12:0 a.m.96 views

📄 CPanel/WHM CRLF Injection / Authentication Bypass / Remote Code Execution

This Metasploit module exploits CVE-2026-41940, a CRLF injection in cPanel/WHMs cpsrvd daemon that allows unauthenticated remote code execution as root. The Basic-auth handler writes the password to the raw session file without stripping newlines. Omitting the ob-part of the session cookie bypass...

9.8CVSS6.7AI score0.981EPSS
Exploits64
GithubExploit
GithubExploit
added 2026/05/10 12:35 p.m.99 views

Exploit for Missing Authentication for Critical Function in Cpanel

cPanelSniper CVE-2026-41940 — c...

9.8CVSS6.2AI score0.981EPSS
Exploits64
GithubExploit
GithubExploit
added 2026/05/06 6:8 p.m.71 views

Exploit for Missing Authentication for Critical Function in Cpanel

🛡️ CVE-2026-41940-Exploit-PoC - Test your cPanel server securi...

9.8CVSS6AI score0.981EPSS
Exploits64
The Hacker News
The Hacker News
added 2026/05/04 2:23 p.m.20 views

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

This week, the shadows moved faster than the patches. While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems. The game has shifted from breach to...

9.9CVSS8AI score0.981EPSS
Exploits321
GithubExploit
GithubExploit
added 2026/05/04 11:19 a.m.70 views

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 cPanel & WHM Verification Tool This repository...

9.8CVSS6.1AI score0.981EPSS
Exploits64
GithubExploit
GithubExploit
added 2026/05/04 10:6 a.m.108 views

Exploit for Missing Authentication for Critical Function in Cpanel

Sorry Ransomware Analysis CVE-2026-41940 cPanel Campaign Pu...

9.8CVSS6.1AI score0.981EPSS
Exploits64
GithubExploit
GithubExploit
added 2026/05/03 4:56 p.m.104 views

CVE_2026_41940_scan_exploit

No d...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/02 6:18 a.m.130 views

Exploit for Missing Authentication for Critical Function in Cpanel

IOC Check Sessions Files Overview iocchecksessionsfile...

9.8CVSS5.8AI score0.981EPSS
Exploits64
GithubExploit
GithubExploit
added 2026/05/02 1:51 a.m.73 views

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 – cPanel/WHM Auth Bypass + Root Password Changer...

9.8CVSS6AI score0.981EPSS
Exploits64
GithubExploit
GithubExploit
added 2026/05/01 12:17 a.m.128 views

Exploit for Missing Authentication for Critical Function in Cpanel

================================================================...

9.8CVSS5.9AI score0.981EPSS
Exploits64
GithubExploit
GithubExploit
added 2026/04/30 5:17 a.m.129 views

Exploit for CVE-2026-41940

cPanel/WHM Auth Bypass Scanner & Exploit Tool A Go command-li...

9.8CVSS6.3AI score0.981EPSS
Exploits64
GithubExploit
GithubExploit
added 2026/04/29 11:11 p.m.171 views

Exploit for CVE-2026-41940

A companion tool for the watchTowr CVE-2026-41940 authentication...

9.8CVSS5.5AI score0.981EPSS
Exploits64
Cvelist
Cvelist
added 2026/04/29 3:10 p.m.56 views

CVE-2026-41940 WebPros cPanel and WHM Authentication Bypass via Login Flow

cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel...

9.8CVSS0.981EPSS
Exploits64References5
Rows per page
Query Builder