PT-2019-7603 · Cpanel · Cpanel

Published

2019-08-07

Updated

2019-08-09

CVE-2016-10807

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions cPanel versions prior to 57.9999.54

Description The issue allows for certain denial-of-service outcomes. This can be achieved via the "/scripts/killpvhost" API endpoint.

Recommendations For versions prior to 57.9999.54, update to version 57.9999.54 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/scripts/killpvhost" endpoint until the update is applied.

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2016-10807

Affected Products

Cpanel

PT-2019-7603 · Cpanel · Cpanel

CVE-2016-10807

Weakness Enumeration

Related Identifiers

Affected Products

References · 4