PT-2008-3588 · Cpanel · Cpanel
Published: 2008-05-12 · Updated: 2023-08-12
CVE-2008-2071
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions
cPanel versions 11.18.0 through 11.18.3
cPanel versions 11.22.0 through 11.22.2
Description
The issue allows remote attackers to perform unauthorized actions as cPanel administrators. This can be achieved via requests to "cpanel/whm/webmail" and other unspecified vectors. There have been reports of real-world incidents where attackers exploited this issue, with one incident involving a hosting company's site being compromised.
Recommendations
For cPanel versions 11.18.0 through 11.18.3, update to version 11.18.4 or later.
For cPanel versions 11.22.0 through 11.22.2, update to version 11.22.3 or later.
Fix
CSRF
Affected Products
Cpanel