Solusvm · Solusvm · CVE-2022-42175
**Name of the Vulnerable Software and Affected Versions**
WHMCS module SolusVM version 1.4.1.2
**Description**
The issue allows an attacker to change the password and hostname of other customer servers without authorization due to an Insecure Direct Object Reference vulnerability.
**Recommendations**
For WHMCS module SolusVM version 1.4.1.2, update to a version that fixes this issue to prevent unauthorized changes to customer servers.