cPanel TSR-2020-0004 Full Disclosure


Phil Hodges

SEC-488 Summary Code execution due to faulty file extension dispatching. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Description cPanel & WHM’s cpsrvd daemon did not verify that some file extensions matched the actual file that would handle a request before dispatching the request to …

Continue reading...