Cpanel Security Vulnerabilities
cPanel before 78.0.18 allows local users to escalate to root access because of userdata cache misparsing (SEC-479).
7.8CVSS
7.6AI Score
0.0004EPSS
8.8CVSS
8.8AI Score
0.001EPSS
cPanel before 78.0.18 unsafely determines terminal capabilities by using infocmp (SEC-481).
3.3CVSS
4.3AI Score
0.0004EPSS
cPanel before 78.0.18 offers an open mail relay because of incorrect domain-redirect routing (SEC-483).
4.3CVSS
4.7AI Score
0.001EPSS
cPanel before 78.0.18 allows certain file-read operations in the context of the root account via the Exim virtual_user_spam router (SEC-484).
5.5CVSS
5.5AI Score
0.0004EPSS
cPanel before 78.0.18 allows demo accounts to execute code via securitypolicy.cg (SEC-487).
8.8CVSS
8.8AI Score
0.001EPSS
6.1CVSS
5.9AI Score
0.001EPSS
2.7CVSS
4.1AI Score
0.001EPSS
cPanel before 78.0.2 allows a demo account to link with an OpenID provider (SEC-460).
4.3CVSS
4.6AI Score
0.001EPSS
cPanel before 78.0.2 allows arbitrary file-read operations via Passenger adminbin (SEC-466).
5.5CVSS
5.6AI Score
0.0004EPSS
Maketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472).
3.3CVSS
4.5AI Score
0.0004EPSS
cPanel before 78.0.2 does not properly restrict demo accounts from writing to files via the DCV UAPI (SEC-473).
5.3CVSS
5.3AI Score
0.001EPSS
Maketext in cPanel before 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474).
3.3CVSS
4.5AI Score
0.0004EPSS
cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets (SEC-476).
4.3CVSS
4.7AI Score
0.001EPSS
In cPanel before 78.0.2, a Userdata cache temporary file can conflict with domains (SEC-478).
3.3CVSS
4.3AI Score
0.0004EPSS
cPanel before 82.0.15 allows API token credentials to persist after an account has been renamed or terminated (SEC-517).
8.8CVSS
8.6AI Score
0.001EPSS
cPanel before 82.0.15 allows self XSS in the SSL Certificate Upload interface (SEC-521).
6.1CVSS
5.9AI Score
0.001EPSS
6.1CVSS
5.9AI Score
0.001EPSS
6.1CVSS
5.9AI Score
0.001EPSS
cPanel before 82.0.15 allows self stored XSS in the WHM SSL Storage Manager interface (SEC-527).
6.1CVSS
5.9AI Score
0.001EPSS
cPanel before 82.0.15 allows self XSS in the WHM Update Preferences interface (SEC-528).
6.1CVSS
5.9AI Score
0.001EPSS
cPanel before 82.0.18 allows authentication bypass because webmail usernames are processed inconsistently (SEC-499).
8.8CVSS
8.8AI Score
0.001EPSS
cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions (SEC-508).
5.4CVSS
5.5AI Score
0.001EPSS
cPanel before 82.0.18 allows authentication bypass because of misparsing of the format of the password file (SEC-516).
8.8CVSS
8.9AI Score
0.001EPSS
cPanel before 82.0.18 allows self-XSS because JSON string escaping is mishandled (SEC-520).
6.1CVSS
6.3AI Score
0.001EPSS
In cPanel before 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525).
3.3CVSS
4.3AI Score
0.0004EPSS
cPanel before 82.0.18 allows attackers to read an arbitrary database via MySQL dump streaming (SEC-531).
6.5CVSS
6.3AI Score
0.001EPSS
cPanel before 82.0.18 allows attackers to conduct arbitrary chown operations as root during log processing (SEC-532).
5.5CVSS
5.6AI Score
0.0004EPSS
5.4CVSS
5.2AI Score
0.001EPSS
cPanel before 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is incorrect (SEC-534).
9.8CVSS
9.6AI Score
0.002EPSS
cPanel before 84.0.20 allows self XSS via a temporary character-set specification (SEC-515).
6.1CVSS
5.9AI Score
0.001EPSS
6.1CVSS
6.2AI Score
0.001EPSS
cPanel before 84.0.20, when PowerDNS is used, allows arbitrary code execution as root via dnsadmin. (SEC-537).
7.2CVSS
7.4AI Score
0.001EPSS
cPanel before 84.0.20 allows attackers to bypass intended restrictions on features and demo accounts via WebDisk UAPI calls (SEC-541).
5.3CVSS
5.3AI Score
0.001EPSS
cPanel before 84.0.20 mishandles enforcement of demo checks in the Market UAPI namespace (SEC-542).
9.1CVSS
9.1AI Score
0.002EPSS
cPanel before 84.0.20 allows a demo account to modify files via Branding API calls (SEC-543).
9.1CVSS
9AI Score
0.002EPSS
cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544).
9.8CVSS
9.6AI Score
0.014EPSS
cPanel before 84.0.20 allows resellers to achieve remote code execution as root via a cpsrvd rsync shell (SEC-545).
7.2CVSS
7.4AI Score
0.006EPSS
cPanel before 84.0.20 allows a demo account to achieve code execution via PassengerApps APIs (SEC-546).
9.8CVSS
9.5AI Score
0.004EPSS
cPanel before 84.0.20 allows a webmail or demo account to delete arbitrary files (SEC-547).
6.5CVSS
6.5AI Score
0.001EPSS
cPanel before 86.0.14 allows remote attackers to trigger a bandwidth suspension via mail log strings (SEC-505).
5.3CVSS
5.3AI Score
0.002EPSS
cPanel before 86.0.14 allows attackers to obtain access to the current working directory via the account backup feature (SEC-540).
8.1CVSS
7.9AI Score
0.001EPSS
cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).
9.8CVSS
9.7AI Score
0.009EPSS
cPanel before 88.0.3 allows attackers to bypass the SMTP greylisting protection mechanism (SEC-491).
7.5CVSS
7.5AI Score
0.001EPSS
9.8CVSS
9.3AI Score
0.002EPSS
In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).
9.8CVSS
9.4AI Score
0.003EPSS
In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM (SEC-550).
7.5CVSS
7.5AI Score
0.002EPSS
In cPanel before 88.0.3, an insecure site password is used for Mailman on a templated VM (SEC-551).
7.5CVSS
7.6AI Score
0.002EPSS
In cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552).
7.5CVSS
7.5AI Score
0.002EPSS
In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).
9.8CVSS
9.3AI Score
0.003EPSS