3 serious security feature bypass and improper validation vulnerabilities in cPanel

Cybersecurity specialists report the detection of three vulnerabilities in cPanel, the control panel for managing web hosting servers that provides automation tools and a web-based graphical interface. According to the report, the flaws could be exploited by threat actors to carry out multiple attacks.

Below are brief descriptions of the reported flaws, their CVE identifiers, and the scores assigned under the Common Vulnerability Scoring System (CVSS).

CVE-2021-38587: A flaw in scripts/fix-cpanel-perl would allow remote attackers to send a specially crafted request and create arbitrary temporary files.

The vulnerability received a CVSS score of 7.9/10 and its successful exploitation would allow remote attackers to compromise the affected systems.

CVE-2021-38589: A flaw in the /fix-cpanel-perl scripts would allow remote attackers to send specially crafted requests and overwrite arbitrary files on the system.

This is a high-severity vulnerability and received a CVSS score of 7.9/10.
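Both CVE-2021-38587 and CVE-2021-38589 belong to the same defect class: a maintenance script writing to a temporary path it does not create exclusively. The following Python block is an added illustration, not cPanel's code (the affected script is Perl; Python is used here only for a runnable demonstration). The file name `fix-cpanel-perl.tmp` and every function name are hypothetical. It shows a plain `open()` on a guessable path silently overwriting whatever already exists there, beside two hardened forms: an exclusive create with `O_EXCL` (and `O_NOFOLLOW` where available), and `tempfile.mkstemp()`, which also removes the guessable name.

```python
import os
import shutil
import tempfile

# Constructed example: a fixed, guessable temporary file name standing in for
# the kind of path a maintenance script might use. Hypothetical name.
PREDICTABLE_NAME = "fix-cpanel-perl.tmp"


def insecure_temp_write(work_dir: str, data: bytes) -> str:
    """Defective pattern: guessable name and a plain open() for writing.

    open(..., "wb") means O_CREAT|O_TRUNC without O_EXCL, so whatever already
    sits at that path (a file, or a symlink to some other file) is truncated
    and overwritten instead of being rejected.
    """
    path = os.path.join(work_dir, PREDICTABLE_NAME)
    with open(path, "wb") as fh:
        fh.write(data)
    return path


def exclusive_write(path: str, data: bytes) -> str:
    """Hardened open for a fixed path: create-only, never reuse or follow."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL
    flags |= getattr(os, "O_NOFOLLOW", 0)  # not defined on every platform
    fd = os.open(path, flags, 0o600)       # raises FileExistsError if present
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path


def secure_temp_write(work_dir: str, data: bytes) -> str:
    """Preferred pattern: mkstemp() picks an unpredictable name, opens it with
    O_CREAT|O_EXCL and mode 0600, and returns the already-open descriptor."""
    fd, path = tempfile.mkstemp(prefix="fix-cpanel-perl.", dir=work_dir)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path


def run_demo() -> dict:
    """Exercise all three against a pre-existing file at the guessable path."""
    work_dir = tempfile.mkdtemp()
    results = {}
    try:
        predictable = os.path.join(work_dir, PREDICTABLE_NAME)
        # Constructed stand-in for data already present at the guessable path.
        with open(predictable, "wb") as fh:
            fh.write(b"pre-existing content")

        insecure_temp_write(work_dir, b"tool output")
        with open(predictable, "rb") as fh:
            results["insecure_overwrote_existing"] = fh.read() == b"tool output"

        try:
            exclusive_write(predictable, b"tool output")
            results["exclusive_refused_existing"] = False
        except FileExistsError:
            results["exclusive_refused_existing"] = True

        fresh = secure_temp_write(work_dir, b"tool output")
        results["secure_used_fresh_name"] = fresh != predictable and os.path.isfile(fresh)
        mode = os.stat(fresh).st_mode & 0o777
        results["secure_mode_private"] = os.name != "posix" or mode == 0o600
    finally:
        shutil.rmtree(work_dir, ignore_errors=True)
    return results


if __name__ == "__main__":
    for check, ok in run_demo().items():
        print(f"{check}: {ok}")
```

The practical rule for reviewers: any write to a shared or world-writable location must fail, not proceed, when the path already exists, and the name should not be something another local user can predict. `mkstemp()` gives both properties in one call; the `O_EXCL` variant is the fallback when the path genuinely has to be fixed.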

CVE-2021-38588: Improper verification of download integrity in fix_cpanel_perl would allow remote attackers to trick a target user into downloading specially crafted files and executing arbitrary code.

The vulnerability received a CVSS score of 7.7/10 and its successful exploitation would allow the full compromise of the affected system.
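The defect behind CVE-2021-38588 is that a fetched file is acted on without confirming it is the file the publisher intended. The Python block below is an added illustration and not cPanel's code; the payloads, the pinned digest and the `fake_install` callable are all constructed for the demonstration. It places the defective "install whatever arrived" pattern beside a hardened one that refuses to proceed unless the SHA-256 of the download matches a digest pinned from a trusted, out-of-band source.

```python
import hashlib
import hmac
from typing import Callable

# Constructed stand-ins for a fetched file and the digest its publisher
# advertised out of band (for example on a signed release page). In real use
# the pinned digest must NOT be fetched from the same untrusted channel as
# the file; it is computed here only because the payload itself is made up.
GENUINE_PAYLOAD = b"#!/usr/bin/perl\nprint \"fix applied\\n\";\n"
PINNED_SHA256 = hashlib.sha256(GENUINE_PAYLOAD).hexdigest()
TAMPERED_PAYLOAD = b"#!/usr/bin/perl\nprint \"something else\\n\";\n"


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 of the bytes actually received."""
    return hashlib.sha256(data).hexdigest()


def verify_download(payload: bytes, expected_sha256: str) -> bool:
    """True only when the payload's SHA-256 equals the pinned digest.
    compare_digest avoids leaking how many leading characters matched."""
    return hmac.compare_digest(sha256_hex(payload), expected_sha256.lower())


def install_unverified(payload: bytes, install: Callable[[bytes], object]) -> object:
    """Defective pattern: whatever arrived over the network is handed straight
    to the installer. Any substitution in transit or at the source gets run."""
    return install(payload)


def install_if_verified(payload: bytes, expected_sha256: str,
                        install: Callable[[bytes], object]) -> object:
    """Hardened pattern: refuse to hand the file on unless its digest matches."""
    if not verify_download(payload, expected_sha256):
        raise ValueError("downloaded file failed integrity check; not installing")
    return install(payload)


def fake_install(payload: bytes) -> tuple:
    """Hypothetical installer stand-in: records what it would have run."""
    return ("installed", len(payload))


if __name__ == "__main__":
    print(install_unverified(TAMPERED_PAYLOAD, fake_install))      # runs anyway
    print(install_if_verified(GENUINE_PAYLOAD, PINNED_SHA256, fake_install))
    try:
        install_if_verified(TAMPERED_PAYLOAD, PINNED_SHA256, fake_install)
    except ValueError as exc:
        print("rejected:", exc)
```

A pinned digest defends against corruption and substitution only when the digest itself comes from somewhere the attacker cannot edit; a digest file sitting next to the download on the same server adds nothing. A detached signature over the release, checked against a key shipped with the tool, is the stronger form of the same check.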

According to the report, the vulnerabilities affect cPanel versions 96.0.0, 96.0.1, 96.0.3, 96.0.4, 96.0.5, 96.0.6, 96.0.7, 96.0.8, 96.0.9, 96.0.10, and 96.0.11.

The flaws can be exploited by unauthenticated remote hackers, although so far no exploitation attempts have been detected in the wild, nor is a functional malware variant known to exist for a successful attack. Updates are now available, so users of affected deployments are encouraged to update as soon as possible.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.