Security vulnerabilities in cPanel and Web Host Manager (WHM) have prompted the release of crucial updates. These updates address three significant vulnerabilities that pose risks such as privilege escalation, unauthorized code execution, and denial-of-service (DoS) attacks. Users are strongly advised to apply these patches immediately to safeguard their systems.
Details of the Vulnerabilities
The vulnerabilities identified in cPanel and WHM include three distinct issues. The first, labeled CVE-2026-29201, has a CVSS score of 4.3 and involves insufficient input validation of the feature file name during the “feature::LOADFEATUREFILE” adminbin call, potentially leading to arbitrary file reading.
The second vulnerability, CVE-2026-29202, with a CVSS score of 8.8, is due to inadequate input validation of the “plugin” parameter in the “create_user API” call. This flaw can enable the execution of arbitrary Perl code through the system user of an authenticated account.
The third issue, CVE-2026-29203, also rated at 8.8, concerns unsafe symlink handling, which allows modification of file access permissions using chmod, resulting in DoS or potential privilege escalation.
Patches and Versions
cPanel has issued patches for these vulnerabilities in several versions of cPanel and WHM. The updated versions include 11.136.0.9 and above, covering various prior releases up to 11.86.0.43. Additionally, a direct update, version 110.0.114, is available for users on CentOS 6 or CloudLinux 6.
Users are strongly encouraged to upgrade to the latest versions to ensure optimal security. The updates aim to fortify systems against exploitation and enhance overall protection.
Implications and Recommendations
Although there have been no confirmed cases of these vulnerabilities being exploited in real-world scenarios, the urgency of these updates is underscored by recent threats. Just days before this disclosure, another critical vulnerability (CVE-2026-41940) was leveraged by attackers to deploy Mirai botnet variants and a ransomware strain named Sorry.
Given the potential risks, immediate updates are recommended to prevent potential exploitation. Regularly updating software and applying security patches is crucial to maintaining system integrity and protecting against emerging threats.
In conclusion, staying informed and proactive in applying updates is vital for security in the ever-evolving cyber landscape. Users should prioritize these updates to mitigate vulnerabilities effectively.
