A publicly released proof of concept for the cPanel authentication bypass flaw has accelerated exploitation attempts, putting thousands of web hosting servers at immediate risk of takeover.
Vulnerability Details
A critical zero day authentication bypass vulnerability has been discovered in cPanel, the widely used web hosting control panel. Tracked as CVE-2024-44269 (https://cve.org/CVERecord?id=CVE-2024-44269), the flaw allows an unauthenticated attacker to bypass login mechanisms and gain administrative access to the cPanel interface. The vulnerability resides in the way cPanel handles certain authentication tokens, enabling malicious actors to craft requests that mimic legitimate user sessions without needing valid credentials.
Impact and Active Exploitation
Security researchers have confirmed that this vulnerability is being actively exploited in the wild. A proof of concept (PoC) exploit has been publicly released, lowering the barrier for attackers to launch attacks. The impact is severe, as successful exploitation grants full control over the affected cPanel instance, including the ability to modify websites, access databases, and pivot to other systems hosted on the same server. Web hosting providers and users running unpatched versions of cPanel are urged to apply the vendor provided patch immediately to prevent compromise.
Source: Cyber Security News
