Wednesday, January 22, 2025
Follow us On Linkedin
HomeCVE/vulnerabilitycPanel 2FA Bypass Exposes Tens of Millions of Websites to Hack

cPanel 2FA Bypass Exposes Tens of Millions of Websites to Hack

CVE/vulnerabilityCyber Security News

Published on

By Gurubaran
cPanel 2FA Bypass

Free Webinar DevSecOps Hacks

SIEM as a Service

Follow Us on Google News

Digital Defense, Inc., a leader in vulnerability and threat management solutions, announced that its Vulnerability Research Team (VRT) exposed a previously undisclosed vulnerability affecting the cPanel & WebHost Manager (WHM) web hosting platform.

cPanel & WHM is a suite of tools built for Linux OS that enables hosting providers and users the ability to automate server management and web hosting tasks. The software suite is currently used to manage above 70 million domains across the globe.

Many cPanel & WHM interfaces create URIs to other interfaces by incorporating user-supplied data in URI query parameters. These interfaces were using URL encoding on the parameters rather than URI encoding. Due to this fault, a cPanel & WHM user could be misled into performing actions they did not intend.

The cPanel &WHM version 11.90.0.5 (90.0 Build 5) exhibits a two-factor authentication bypass defect, susceptible to brute force attack.

 An attacker with knowledge of or access to valid credentials could evade two-factor authentication protections on an account. Digital Defense’s in-house testing demonstrated that an attack will be get done in minutes.

“The two-factor authentication cPanel Security Policy did not prevent an attacker from repeatedly submitting two-factor authentication codes. This allowed an attacker to bypass the two-factor authentication check using brute force techniques.” reads a security advisory released by the company. 

This problem was addressed with the release of the following builds:

  • 11.92.0.2
  • 11.90.0.17
  • 11.86.0.32

The Digital Defense, Vulnerability Research Team right away makes contact with the affected vendor to notify the organization of the new finding(s) and help out, wherever possible, with the vendor’s remediation actions.

“Our standard practice is to work in tandem with organizations on a coordinated disclosure effort to facilitate a prompt resolution to a vulnerability. We will continue outreach to customers ensuring they are aware and able to take action to mitigate any potential risk introduced by the vulnerability,” states Mike Cotton, senior vice president of engineering at Digital Defense.”

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read

Ensiko – A PHP Based Web Shell with Ransomware Capabilities Attacks PHP Installation

Hackers using weaponized TeamViewer to Attack & Gain Full Control of the Government Networks

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

CVE/vulnerability

PoC Exploit Released for TP-Link Code Execution Vulnerability(CVE-2024-54887)

A security researcher, exploring reverse engineering and exploit development, has successfully identified a critical...
CVE/vulnerability

Brave Browser Vulnerability Allows Malicious Website Appears as Trusted One

A security vulnerability has been identified in Brave Browser, potentially allowing malicious websites to...
Cyber Security News

Beware! Fake SBI Reward APK Attacking Users to Deliver Android Malware

A recent phishing campaign has targeted customers of SBI Bank through a deceptive message...
Cyber Security News

Gootloader Malware Employs Blackhat SEO Techniques To Attack Victims

The Gootloader malware family employs sophisticated social engineering tactics to infiltrate computers.By leveraging...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

Register Now

More like this

CVE/vulnerability

PoC Exploit Released for TP-Link Code Execution Vulnerability(CVE-2024-54887)

A security researcher, exploring reverse engineering and exploit development, has successfully identified a critical...
CVE/vulnerability

Brave Browser Vulnerability Allows Malicious Website Appears as Trusted One

A security vulnerability has been identified in Brave Browser, potentially allowing malicious websites to...
Cyber Security News

Beware! Fake SBI Reward APK Attacking Users to Deliver Android Malware

A recent phishing campaign has targeted customers of SBI Bank through a deceptive message...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2024 GBHackers On Security - All Rights Reserved