Vendor: cPanel
By: Unknown
CVSS: 7.5 (HIGH)
Remote Account Deletion
CWE: Unknown
Product Name: cPanel
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Yes
Related CWE: Unknown
CPE: cPanel
Platforms Tested: Unknown
cPanel Remote Account Deletion
A vulnerability in cPanel allows a remote authenticated administrator to delete customer account DNS information for customers not under their administration. An attacker who exploits it can cause a denial of service (DoS) condition on the affected websites. The attack is carried out by sending a specially crafted HTTP request to the vulnerable URL: http://www.example.com:2086/scripts/killacct?domain=(domain)&user=(user)&submit-domain=Terminate
Mitigation:
Apply the latest security patches provided by cPanel. Limit administrative privileges and ensure that administrators can only manage the customer accounts under their jurisdiction. Regularly monitor and review DNS information for any unauthorized changes. Implement intrusion detection and prevention systems to detect and block suspicious activities.
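The monitoring recommended above can be partly automated. The following Python example is added here and is not cPanel's code: it scans access-log lines for killacct requests and flags those where the authenticated administrator does not manage the target account. The log layout, the OWNERS map and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumed access-log layout (Common Log Format style): the authenticated
# user is the third field and the request line is quoted.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<auth>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Hypothetical ownership map: account user -> administrator who manages it.
OWNERS = {"alice": "reseller1", "bob": "reseller2"}

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = """\
203.0.113.5 - reseller1 [10/Mar/2024:10:00:01 +0000] "GET /scripts/killacct?domain=alice.example&user=alice&submit-domain=Terminate HTTP/1.1" 200 512
203.0.113.9 - reseller1 [10/Mar/2024:10:02:17 +0000] "GET /scripts/killacct?domain=bob.example&user=bob&submit-domain=Terminate HTTP/1.1" 200 498
203.0.113.9 - reseller1 [10/Mar/2024:10:02:40 +0000] "GET /scripts/killacct?domain=x.example&user=%62ob&submit-domain=Terminate HTTP/1.1" 200 498
198.51.100.7 - root [10/Mar/2024:10:05:00 +0000] "GET /scripts/killacct?domain=bob.example&user=bob&submit-domain=Terminate HTTP/1.1" 200 498
203.0.113.9 - reseller1 [10/Mar/2024:10:06:00 +0000] "GET /scripts/listaccts HTTP/1.1" 200 2048
"""

def find_cross_owner_terminations(log_text, owners, superusers=("root",)):
    """Return (timestamp, ip, auth_user, target_user, reason) per suspicious request."""
    alerts = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        # endswith() tolerates a path prefix in front of the script name.
        if not url.path.endswith("/scripts/killacct"):
            continue
        # parse_qs percent-decodes, so encoded user names are normalised.
        target = parse_qs(url.query).get("user", [""])[0]
        if m["auth"] in superusers:
            continue
        owner = owners.get(target)
        if owner is None:
            reason = "target account not in ownership map"
        elif owner != m["auth"]:
            reason = f"account is managed by {owner}"
        else:
            continue
        alerts.append((m["ts"], m["ip"], m["auth"], target, reason))
    return alerts

if __name__ == "__main__":
    for alert in find_cross_owner_terminations(SAMPLE_LOG, OWNERS):
        print(alert)
```

The ownership map should be a snapshot taken before the logged requests, since an account that has already been terminated may no longer appear in current records.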