BeyondMachines for BeyondMachines

Posted on • Originally published at beyondmachines.net

Critical Authentication Vulnerability in cPanel and WHM

Summary

cPanel released emergency patches for a critical authentication bypass vulnerability affecting all supported versions of its control panel software. The flaw allows unauthorized access to administrative interfaces, prompting hosting providers to temporarily block management ports during the remediation process.

Take Action:

If you use cPanel or WHM on your servers, this is urgent. Immediately run /scripts/upcp --force to apply the emergency patch, then verify the version with /usr/local/cpanel/cpanel -V. Until you've confirmed the update, block external access to ports 2083 and 2087 to prevent attackers from exploiting this authentication bypass and taking over your servers. If you are using cPanel as a customer, reach out to your hosting provider to confirm that they have updated cPanel.
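
The steps above can be sequenced so the port block comes off only once the version check passes. The script below is an added example, not code from the original article or from cPanel. It assumes plain iptables, two constructed version formats, and a fixed version number that you supply from the vendor advisory (the page does not state one); the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original article: wraps the advisory's steps so the
# temporary port block is lifted only after the version check passes.
PORTS="2083 2087"   # management ports named in the advisory

# Print iptables commands that add (I) or delete (D) the temporary block.
# Assumption: plain iptables; adapt for CSF, firewalld or nftables hosts.
port_rules() {
  for p in $PORTS; do
    echo "iptables -$1 INPUT ! -i lo -p tcp --dport $p -j DROP"
  done
}

# Reduce version text to dotted integers. Assumed (constructed) formats:
# "110.0 (build 5)" and "11.110.0.5" with a legacy "11." prefix.
normalize_version() {
  v=$(printf '%s\n' "$1" | grep -oE '[0-9]+' | paste -sd. -)
  case "$v" in 11.*.*.*) v=${v#11.} ;; esac
  printf '%s\n' "$v"
}

# Succeeds when dotted version $1 >= $2, comparing field by field as integers.
version_ge() {
  a=$1; b=$2
  while [ -n "$a" ] || [ -n "$b" ]; do
    x=${a%%.*}; y=${b%%.*}
    [ "${x:-0}" -gt "${y:-0}" ] && return 0
    [ "${x:-0}" -lt "${y:-0}" ] && return 1
    case "$a" in *.*) a=${a#*.} ;; *) a= ;; esac
    case "$b" in *.*) b=${b#*.} ;; *) b= ;; esac
  done
  return 0
}

# usage: remediate <fixed version taken from the vendor advisory, not from this page>
remediate() {
  need=$(normalize_version "$1")
  port_rules I | sh || return 1          # block first, patch second
  /scripts/upcp --force
  have=$(normalize_version "$(/usr/local/cpanel/cpanel -V)")
  if version_ge "$have" "$need"; then
    port_rules D | sh                    # confirmed patched: lift the block
    echo "patched: $have >= $need"
  else
    echo "NOT CONFIRMED: $have < $need, ports stay blocked" >&2
    return 1
  fi
}

if [ "${1:-}" = "--apply" ]; then remediate "${2:?fixed version required}"; fi
```

Run it as root with `--apply` followed by the fixed version; without arguments it only defines the functions. The rules cover IPv4 only, so a host reachable over IPv6 needs matching ip6tables rules.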



This article was originally published on BeyondMachines
