Vulnerabilities Target Shared Hosting Environments
Security researchers have uncovered multiple high severity vulnerabilities in cPanel and WebHost Manager (WHM) that threaten web hosting infrastructures worldwide. The most critical flaw enables unauthenticated attackers to access sensitive system resources, potentially leading to complete server compromise. These bugs present an immediate danger to shared hosting ecosystems where isolation between customer accounts is essential.
Among the patched issues is an input validation failure involving the plugin parameter in the create_user API call. This vulnerability allows an attacker with an authenticated account to execute arbitrary code with the system user’s permissions. Another flaw permits arbitrary file reads by exploiting weak validation of feature file names, exposing underlying server configurations.
Broader Infrastructure Risks
The cPanel vulnerabilities arrive alongside additional threats to hosting infrastructure. A privilege escalation flaw in the Linux kernel’s page cache, nicknamed Dirty Frag, allows a low level local user to gain full root administrative control. This bug shares similarities with the 2022 Dirty Pipe vulnerability.
Email services bundled with hosting servers face risks from an Exim flaw that enables denial of service attacks. Attackers can crash connection instances by supplying malformed DNS data in PTR records on systems using musl libc. System administrators running cPanel versions 11.136.0.8 and lower must apply the latest updates immediately to prevent server takeover.
Source: Cyber Security News
