Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
LiteSpeed Plugin Flaw Exploited for Root Access

LiteSpeed Plugin Flaw Exploited for Root Access

Posted on May 23, 2026 By CWS

A critical security vulnerability has been discovered in the LiteSpeed User-End cPanel Plugin, allowing attackers to execute scripts with root privileges. This flaw, identified as CVE-2026-48172, has a CVSS score of 10.0, highlighting its severe risk.

Details of the LiteSpeed Vulnerability

The vulnerability stems from an incorrect privilege assignment within the plugin, which could be exploited by any cPanel user, whether malicious or compromised, to execute arbitrary scripts with elevated permissions. The specific function at risk is the lsws.redisAble function, as noted by LiteSpeed.

The affected versions of the plugin span from 2.3 to 2.4.4, with the issue resolved in version 2.4.5. The LiteSpeed WHM plugin remains unaffected by this flaw. This discovery and report are credited to security researcher David Strydom.

Indicators and Mitigation Steps

LiteSpeed has confirmed active exploitation of this vulnerability but withheld further specifics. They have provided an indicator of compromise, advising users to run a specific command to check for signs of exploitation.

If the command output shows activity, users should scrutinize the IP addresses involved and block any that appear illegitimate. For immediate action, LiteSpeed recommends updating to the latest plugin versions, which contain additional security patches.

Security Updates and Recommendations

Following this vulnerability’s discovery, LiteSpeed conducted a security review of both their cPanel and WHM plugins, leading to further patches. Users should upgrade to LiteSpeed WHM Plugin version 5.3.1.0, which includes cPanel plugin version 2.4.7 or higher, to ensure protection.

In cases where an immediate update is unfeasible, LiteSpeed suggests uninstalling the user-end plugin using a provided command. This advisory comes soon after another significant cPanel vulnerability was found being exploited to deploy botnet and ransomware attacks.

Given the critical nature of these vulnerabilities, prompt updates and vigilance are essential for maintaining server security against potential threats.

The Hacker News Tags:cPanel, CVE-2026-48172, cyber threat, Cybersecurity, Exploit, LiteSpeed, LiteSpeed WHM, root access, security flaw, security patch, server security, software update, threat analysis, Vulnerability, web security

Post navigation

Previous Post: Cyberattack Targets Laravel-Lang Packages via GitHub
Next Post: Drupal Core SQL Vulnerability Exploitation Reported

Related Posts

Understanding Magecart Threats in Web Supply Chains Understanding Magecart Threats in Web Supply Chains The Hacker News
China-Linked Hackers Exploit New VMware Zero-Day Since October 2024 China-Linked Hackers Exploit New VMware Zero-Day Since October 2024 The Hacker News
Google Enhances Chrome Security with DBSC Rollout Google Enhances Chrome Security with DBSC Rollout The Hacker News
China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems The Hacker News
Android Malware FvncBot, SeedSnatcher, and ClayRat Gain Stronger Data Theft Features Android Malware FvncBot, SeedSnatcher, and ClayRat Gain Stronger Data Theft Features The Hacker News
Understanding and Mitigating Lethal Paths in AppSec Understanding and Mitigating Lethal Paths in AppSec The Hacker News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Global Expansion of Gentlemen Ransomware Threats
  • Critical Flaw in Google Dialogflow CX Exposed
  • Vulnerability in GCP Dialogflow Enables Malicious Code Injection
  • Gitea Vulnerability Exploited Actively, Experts Alert
  • RedWing Malware Offers Banking Fraud via Telegram

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Global Expansion of Gentlemen Ransomware Threats
  • Critical Flaw in Google Dialogflow CX Exposed
  • Vulnerability in GCP Dialogflow Enables Malicious Code Injection
  • Gitea Vulnerability Exploited Actively, Experts Alert
  • RedWing Malware Offers Banking Fraud via Telegram

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark