"The vulnerability allows attackers to gain root access while bypassing all kinds of authentication, a feat worthy of the near-maximum CVSS. This flaw is a carriage return line feed (CRLF) issue, meaning the application does not properly sanitize user-supplied input."
"cPanel and WHM are both Linux-based control panels that manage websites, databases, file transfers, email configurations, and domains. They are backbones of the internet, and breaking into them would provide an attacker with access to all associated secrets."
"KnownHost CEO Daniel Pearson suggests that the vulnerability may have been exploited as a zero-day for at least 30 days, raising concerns about the extent of the breach and the potential for widespread damage."
Emergency patches are available for a critical vulnerability in cPanel and WHM, identified as CVE-2026-41940, which allows attackers to bypass authentication and gain root access. This vulnerability affects all supported versions of the software prior to the patch and is considered a disaster due to its critical severity rating of 9.8. cPanel and WHM manage properties for approximately 70 million domains, making the potential impact significant. The vulnerability has reportedly been exploited as a zero-day for at least 30 days, allowing attackers to gain unfettered access to sensitive information.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]