Top web hosting platform could be easily exploited using these threats

Documentation has been updated to explain Super Privileges

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cybersecurityresearchers have successfully conducted remote code execution (RCE) and privilege escalation attacks on popularweb hostingcontrol platformcPanel& WHM by exploiting a stored cross-site scripting (XSS) vulnerability.

WhilecPanelis limited to managing a single hosting account, cPanel & WHM allows admins to manage the entireserver.

“Our team has found multiple vulnerabilities in cPanel/WHM during a black-boxpentest, the most important one being a privilege escalation via stored XSS,”sharedAdrian Tiron, co-founder ofcloud securityfirm Fortbridge.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

According to Tiron, the researchers were able to exploit the XSS vulnerability to escalate privileges to root.

Ripe for exploit

Whilst disclosing these bugs to the cPanel & WHM team, the Fortbridge team realized that the pentested cPanel account was areselleraccount with the permission to edit locales, leading them to conclude that the XSS vulnerability discovered during their pestest “is considered a feature, and it was not fixed.”

The second bug is an HTML injection vulnerability. Although Tiron says this vulnerability is enough to bypass the CSRF/referrer leak protection, the process to exploit it is a lot more “convoluted.”

Fortbridge notified cPanel of the vulnerabilities earlier this year, and the popular control panel updated therelevant portions of its documentationearlier this month.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

However, cPanel hasn’t yet fixed the flaws, arguing that threat actors must be authenticated to exploit the vulnerability.

In a conversationwithThe Daily Swig, Cory McIntire, product owner on the cPanel security team, said “the Locale interface can only be used by root andSuper Privilegeresellers to whom the root must grant this specific ACL to.”

He added that “this is labelled aSuper Privilegewith a warning icon in the server admins WHM interface, and also flagged as such in the cPanel documentation.”

In terms of protection, McIntire said thatSuper Privilegesshould only be given to people you would trust with root on your server.”

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Best free and public DNS server of 2024

Zoho turns to Nvidia NeMo to build proprietary LLMs

NYT Strands today — hints, answers and spangram for Sunday, November 10 (game #252)