Remote OS commands execution via cPanel API calls - #VU42

 


Published: June 28, 2016


Vulnerability identifier: #VU42
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor:
Affected software:

Detailed vulnerability description

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The vulnerability exists due to insufficient sanitization of forwarding options when performing certain cPanel API calls. A remote attacker with a Webmail account can inject and execute arbitrary system commands.

Successful exploitation of this vulnerability may allow an authenticated attacker to execute arbitrary commands and completely compromise the vulnerable system.


Remediation

Install the latest version: 11.56.0.15, 11.54.0.24, 11.52.6.1 or 11.50.6.2.
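A branch-aware check of installed versions against the fixed builds listed above, as an added example that is not part of the original advisory. The host names and inventory are constructed, and the code assumes versions are supplied as four dotted numeric fields; branches the advisory does not name are reported as unlisted rather than guessed.

```python
# Added example: compare installed cPanel versions with the fixed builds
# named in this advisory. Function names here are hypothetical helpers.
FIXED_BUILDS = ("11.56.0.15", "11.54.0.24", "11.52.6.1", "11.50.6.2")


def parse_version(text):
    """Turn 'a.b.c.d' into a tuple of four ints; reject anything else."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"expected four numeric fields, got {text!r}")
    return tuple(int(p) for p in parts)


# Map each release branch (first two fields) to its fixed build.
FIXED_BY_BRANCH = {v[:2]: v for v in map(parse_version, FIXED_BUILDS)}


def patch_status(installed):
    """Classify one installed version string.

    'fixed'      - on a listed branch and at or above its fixed build
    'vulnerable' - on a listed branch but below its fixed build
    'unlisted'   - branch not named in the advisory; review manually
    """
    version = parse_version(installed)
    fixed = FIXED_BY_BRANCH.get(version[:2])
    if fixed is None:
        return "unlisted"
    return "fixed" if version >= fixed else "vulnerable"


def audit(inventory):
    """Return {host: status} for a {host: version} inventory."""
    results = {}
    for host, version in inventory.items():
        try:
            results[host] = patch_status(version)
        except ValueError:
            results[host] = "unparseable"
    return results


if __name__ == "__main__":
    # Constructed inventory; host names and versions are made up.
    sample = {"web01": "11.54.0.23", "web02": "11.56.0.15",
              "web03": "11.52.5.9", "web04": "11.48.4.7", "web05": "n/a"}
    for host, status in audit(sample).items():
        print(f"{host}: {status}")
```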
