indo-cpanel-exploit

🦉 Indo cPanel Exploit Toolkit ⚠️ FOR AUTHORIZED SECURITY TE...

cPanel - CRLF Injection

ExploitTitle: cPanel 11.40 - CRLF Injection Author: nu11secur1tyAI Date: 2026-04-30 Vendor: cPanel, L.L.C. Software: cPanel & WHM cpsrvd Reference: CVE-2026-41940 / watchTowr-2026-01 Description: A critical authentication bypass vulnerability exists in the cPanel/WHM cpsrvd daemon due to improper...

Exploit for Missing Authentication for Critical Function in Cpanel

CPANEL CVE EXPLOIT English | فارسی PersianREADME...

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE-2026-48172 CVSS score: 10.0, relates to an instance of incorrect privilege assignment that an attacker could abuse to run arbitrary scripts...

Metasploit Wrap Up 05/22/2026

Another week, another authentication bypass Our humble Metasploit weeklyish blog has been blessed with a new network component vulnerability. The dynamic duo of @sfewer-r7 and @jburgess-r7 have discovered and authored the admin/networking/ciscosdwanvhubauthbypass module for CVE-2026-20182, a...

CVE-2026-48172

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation possibly to root, as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpaneljsonapifunc=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2/dev/null in Bash. If you get no output,...

CVE-2026-48172

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation possibly to root, as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpaneljsonapifunc=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2/dev/null in Bash. If you get no output,...

CVE-2026-48172

The vulnerability CVE-2026-48172 affects LiteSpeed User-End cPanel Plugin prior to 2.4.5. The issue stems from mishandling of Redis enable/disable features, enabling privilege escalation (possibly to root). In-the-wild exploitation was reported in May 2026. Detection guidance is provided: run gre...

CVE-2026-48172

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation possibly to root, as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpaneljsonapifunc=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2/dev/null in Bash. If you get no output,...

EUVD-2026-31204

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation possibly to root, as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpaneljsonapifunc=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2/dev/null in Bash. If you get no output,...

CVE-2026-48172

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation possibly to root, as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpaneljsonapifunc=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2/dev/null in Bash. If you get no output,...

LiteSpeed User-End cPanel Plugin 安全漏洞

The LiteSpeed User-End cPanel Plugin is an integrated management plugin for LiteSpeed server users, developed by LiteSpeed Corporation and designed to work within the cPanel environment. Versions of the LiteSpeed User-End cPanel Plugin prior to version 2.4.5 contained security vulnerabilities...

PT-2026-42359

Name of the Vulnerable Software and Affected Versions LiteSpeed User-End cPanel Plugin versions prior to 2.4.5 Description An issue in the mishandling of Redis enable/disable features, specifically within the lsws.redisAble function, allows for incorrect privilege assignment. This flaw enables an...

VulnCheck KEV: CVE-2026-48172

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation possibly to root, as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpaneljsonapifunc=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2/dev/null in Bash. If you get no output,...

📄 CPanel/WHM CRLF Injection / Authentication Bypass / Remote Code Execution

This Metasploit module exploits CVE-2026-41940, a CRLF injection in cPanel/WHMs cpsrvd daemon that allows unauthenticated remote code execution as root. The Basic-auth handler writes the password to the raw session file without stripping newlines. Omitting the ob-part of the session cookie bypass...

cPanel 注入漏洞

cPanel is a web-based automated hosting platform developed by cPanel Inc. This platform is primarily used for automating the management of websites and servers. cPanel has a vulnerability known as “injection attack,” which stems from improper cleaning of the status query parameters in the...

cPanel 安全漏洞

cPanel is a web-based automated hosting platform developed by the cPanel company in the United States. This platform is primarily used for automating the management of websites and servers. cPanel has security vulnerabilities, which stem from improper permission authorization checks by team...

cPanel SQL注入漏洞

cPanel is a web-based automated hosting platform developed by cPanel Inc. This platform is primarily used for automating the management of websites and servers. cPanel has a SQL injection vulnerability, which stems from insufficient SQL query cleaning in the sqloptimizer tool script. If the slow...

cPanel 安全漏洞

cPanel is a web-based automated hosting platform developed by the cPanel company in the United States. This platform is primarily used for automating the management of websites and servers. cPanel has security vulnerabilities, stemming from improper permission management and insufficient path...

cPanel 信任管理问题漏洞

cPanel is a web-based automated hosting platform developed by the cPanel company in the United States. This platform is primarily used for automating the management of websites and servers. cPanel has a vulnerability related to trust management, which stems from the disabled SSL verification in t...