Lucene search
K

15 matches found

GithubExploit
GithubExploit
added 2026/06/16 7:39 a.m.61 views

Exploit for UNIX Symbolic Link Following in Litespeedtech Litespeed_Cpanel_Plugin

CVE-2026-54420 Mitigation Toolkit !Licensehttps://img.shie...

8.5CVSS5.8AI score0.01261EPSS
Exploits3
The Hacker News
The Hacker News
added 2026/06/16 5:41 a.m.9 views

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities KEV catalog, requiring Federal Civilian Executive Branch FCEB agencies to apply the fixes by June 18, 2026. The vulnerability in questi...

8.5CVSS5.5AI score0.01261EPSS
Exploits3
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/15 12:0 a.m.10 views

LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability

LiteSpeed cPanel plugin contains a UNIX symbolic link Symlink following vulnerability that could allow a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS...

8.5CVSS5.3AI score0.01261EPSS
In wildExploits3
NVD
NVD
added 2026/06/14 4:16 a.m.21 views

CVE-2026-54420

LiteSpeed cPanel plugin before 2.4.8 as distributed in LiteSpeed WHM PlugIn before 5.3.2.0 mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026...

8.5CVSS0.01261EPSS
Exploits3References3
EUVD
EUVD
added 2026/06/14 3:23 a.m.12 views

EUVD-2026-36657

LiteSpeed cPanel plugin before 2.4.8 as distributed in LiteSpeed WHM PlugIn before 5.3.2.0 mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026...

8.5CVSS5.3AI score0.01261EPSS
Exploits3References2
Cvelist
Cvelist
added 2026/06/14 3:23 a.m.36 views

CVE-2026-54420

LiteSpeed cPanel plugin before 2.4.8 as distributed in LiteSpeed WHM PlugIn before 5.3.2.0 mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026...

8.5CVSS0.01261EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2026/06/14 12:0 a.m.16 views

PT-2026-49104

Name of the Vulnerable Software and Affected Versions LiteSpeed cPanel plugin versions prior to 2.4.8 LiteSpeed WHM PlugIn versions prior to 5.3.2.0 Description A symlink-following flaw exists in the LiteSpeed cPanel plugin where the software mishandles symbolic links provided by a user. An...

8.5CVSS6AI score0.01261EPSS
Exploits3References48
VulnCheck KEV
VulnCheck KEV
added 2026/06/01 12:0 a.m.9 views

VulnCheck KEV: CVE-2026-54420

LiteSpeed cPanel plugin before 2.4.8 as distributed in LiteSpeed WHM PlugIn before 5.3.2.0 mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026...

8.5CVSS5.3AI score0.01261EPSS
In wildExploits3References5
Packet Storm
Packet Storm
added 2024/01/26 12:0 a.m.447 views

CloudLinux CageFS 7.0.8-2 Insufficiently Restricted Proxy Command

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 CloudLinux CageFS Insufficiently Restricted Proxy Command Link: https://github.com/sbaresearch/advisories/tree/public/2020/SBA-ADV-20200707-02CloudLinuxCageFSInsufficientlyRestrictedProxyCommands Vulnerability Overview CloudLinux CageFS 7.0.8-2 or...

7.4AI score0.00378EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/01/26 12:0 a.m.963 views

CloudLinux CageFS 7.1.1-1 Token Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 CloudLinux CageFS Token Disclosure Link: https://github.com/sbaresearch/advisories/tree/public/2020/SBA-ADV-20200707-01CloudLinuxCageFSTokenDisclosure Vulnerability Overview CloudLinux CageFS 7.1.1-1 or below passes the authentication token as a...

7.4AI score0.00474EPSS
Exploits2
OSV
OSV
added 2024/01/22 2:15 p.m.3 views

CVE-2020-36771

CloudLinux CageFS 7.1.1-1 or below passes the authentication token as a command line argument. In some configurations this allows local users to view the authentication token via the process list and gain code execution as another user...

7.8CVSS6.2AI score0.00474EPSS
Exploits2References4
CNNVD
CNNVD
added 2024/01/22 12:0 a.m.6 views

CloudLinux CageFS Security Vulnerability

CloudLinux CageFS is a virtualized file system and set of tools from CloudLinux. A security vulnerability exists in CloudLinux CageFS version 7.1.1-1 and prior versions. An attacker can exploit the vulnerability to view a list of processes and execute code as another user...

7.8CVSS7.1AI score0.00474EPSS
Exploits2References6
CNNVD
CNNVD
added 2024/01/22 12:0 a.m.3 views

CloudLinux CageFS Security Vulnerability

CloudLinux CageFS is a virtualized file system and set of tools from CloudLinux. A security vulnerability exists in CloudLinux CageFS version 7.0.8-2 and prior versions. An attacker could exploit the vulnerability to read and write arbitrary files outside of the CageFS environment in a limited wa...

4.4CVSS6.8AI score0.00378EPSS
Exploits3References6
Positive Technologies
Positive Technologies
added 2024/01/22 12:0 a.m.11 views

PT-2024-10823 · Cloudlinux · Cloudlinux Cagefs

Name of the Vulnerable Software and Affected Versions: CloudLinux CageFS versions 7.1.1-1 and below Description: The issue allows local users to view the authentication token via the process list and gain code execution as another user, because the authentication token is passed as a command line...

7.8CVSS7.6AI score0.00474EPSS
Exploits2References10
Positive Technologies
Positive Technologies
added 2024/01/22 12:0 a.m.13 views

PT-2024-10824 · Cloudlinux · Cloudlinux Cagefs

Name of the Vulnerable Software and Affected Versions: CloudLinux CageFS versions 7.0.8-2 and below Description: The issue allows local users to read and write arbitrary files of certain file formats outside the CageFS environment due to insufficient restrictions on file paths supplied to the...

4.4CVSS6.9AI score0.00378EPSS
Exploits3References9
Rows per page
Query Builder