cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCpanel
APPCpanel< 88.0.3
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
Powiązane podatności
CVE-2026-41940CRITICAL9.3⚠ KEVPL ✓ten sam produkt
Authentication bypass w cPanel/WHM — nieautoryzowany dostęp do panelu
CVE-2020-26108CRITICAL9.8ten sam produkt
cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488).
CVE-2020-26100CRITICAL9.8ten sam produkt
chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497).
CVE-2020-26101CRITICAL9.8ten sam produkt
In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).
CVE-2020-26105CRITICAL9.8ten sam produkt
In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).