Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
AI Used in Ticketmaster Attack to Score Free Tickets
July 3, 2026
Anthropic Details Claude 3.5 Sonnet Safeguards and Jailbreak Framework
July 3, 2026
Google Disrupts NetNut Residential Proxy Botnet Exploiting 2 Million Devices
July 3, 2026
Home/CyberSecurity News/cPanel Critical Authentication Flaw CVE-2024-XXXX Patched
CyberSecurity News

cPanel Critical Authentication Flaw CVE-2024-XXXX Patched

Key Takeaways cPanel has issued an urgent security update to address a critical authentication vulnerability. The flaw, confirmed on April 28, 2026, impacts all supported versions of cPanel and Web...

Sarah simpson
Sarah simpson
April 29, 2026 3 Min Read
36 0

Key Takeaways

  • cPanel has issued an urgent security update to address a critical authentication vulnerability.
  • The flaw, confirmed on April 28, 2026, impacts all supported versions of cPanel and Web Host Manager (WHM).
  • Exploitation could lead to complete administrative control over web servers, affecting all hosted websites and data.
  • Immediate patching is mandatory for all administrators, with specific secure builds released.
  • Unsupported cPanel versions are also vulnerable but will not receive a patch, necessitating migration or robust interim mitigations.

cPanel Issues Emergency Patch for Critical Authentication Bypass Flaw

cPanel, a leading provider of web hosting control panel software, has released an emergency security update to rectify a severe vulnerability identified within its core platform. This critical flaw directly impacts various authentication mechanisms across the cPanel and Web Host Manager (WHM) ecosystem, posing a significant risk to web infrastructure globally.

Table Of Content

  • Key Takeaways
  • cPanel Issues Emergency Patch for Critical Authentication Bypass Flaw
  • Extensive Attack Surface and Severe Implications
  • Immediate Action Required: Patching Instructions
  • Warnings for Unsupported Systems
  • What You Should Do

System administrators and web hosting providers are under urgent advisement to deploy the released patches without delay. This action is crucial to fortify their environments against potential unauthorized access stemming from the vulnerability.

The cPanel development team officially acknowledged the security issue on April 28, 2026, confirming its presence in every currently supported version of the platform. While specific technical details regarding the exploit methods remain undisclosed to protect users, vulnerabilities affecting authentication pathways are historically severe and can have widespread consequences.

Should this flaw be exploited, an attacker could bypass standard login procedures, potentially gaining administrative control over the affected server. This level of access grants profound capabilities to malicious actors.

Extensive Attack Surface and Severe Implications

Given the ubiquitous adoption of cPanel and WHM for managing web hosting infrastructure, the potential attack surface is vast. WHM, in particular, offers root-level access to servers, enabling administrators to manage security protocols, configure SSL certificates, and establish individual hosting accounts.

A successful compromise of an authentication path at this administrative level would grant threat actors complete dominion over all hosted websites, sensitive databases, and email communications residing on the server. Such breaches frequently precipitate severe security incidents, including widespread website defacement, the deployment of ransomware, and the exfiltration of confidential customer data.

Moreover, compromised servers are often co-opted into botnets, subsequently utilized to launch distributed denial-of-service (DDoS) attacks or disseminate malicious spam campaigns. Safeguarding these critical administrative entry points is paramount for preserving the integrity and trustworthiness of the broader web hosting supply chain.

Immediate Action Required: Patching Instructions

To neutralize this pressing threat, the cPanel security team has deployed emergency patches across all supported release tiers. Administrators must ensure their servers are running one of the following secure builds:

  • 11.110.0.97
  • 11.118.0.63
  • 11.126.0.54
  • 11.132.0.29
  • 11.134.0.20
  • 11.136.0.5

Server operators can initiate the update process manually via the command-line interface. Executing the /scripts/upcp --force command will instruct the server to fetch and install the most recent patched release directly from official repositories. Following the update, administrators should also meticulously review their authentication logs for any anomalous login attempts that may have occurred prior to the patch deployment.

Warnings for Unsupported Systems

The security advisory includes a stringent warning for environments operating end-of-life or unsupported versions of the software. These older iterations are highly likely to harbor the same critical authentication flaw but will not receive the emergency fix. Administrators managing such legacy servers must prioritize a migration to a supported release track as expeditiously as possible.

In the interim, applying strict firewall rules, mandating multi-factor authentication (MFA), and implementing IP allowlisting for WHM access can help mitigate the immediate risk of exploitation for these vulnerable systems.

What You Should Do

  • Immediately Apply Patches: Update all cPanel and WHM installations to one of the secure builds (11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, or 11.136.0.5) using the /scripts/upcp --force command.
  • Monitor Logs: Review authentication logs for any suspicious login attempts that occurred before the patch was applied.
  • Upgrade Unsupported Systems: Plan and execute a migration for any servers running end-of-life or unsupported cPanel versions to a supported release.
  • Implement Interim Mitigations: For unsupported systems awaiting migration, enforce strict firewall rules, enable multi-factor authentication (MFA), and utilize IP allowlisting for WHM access to reduce immediate risk.
  • Stay Informed: Regularly check cPanel’s official security advisories for ongoing updates and recommendations.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackExploitPatchransomwareSecurityThreatVulnerability

Share Article

Sarah simpson

Sarah simpson

Sarah is a cybersecurity journalist specializing in threat intelligence and malware analysis. With over 8 years of experience covering APT groups, zero-day exploits, and advanced persistent threats, Sarah brings deep technical expertise to breaking cybersecurity news. Previously, she worked as a security researcher at leading threat intelligence firms, where she analyzed malware samples and tracked cybercriminal operations. Sarah holds a Master's degree in Computer Science with a focus on cybersecurity and is a regular contributor to major security conferences.

Previous Post

Critical RCE in GitHub.com and Enterprise Server Lets Attackers Fully Compromise Servers

Next Post

BlueNoroff Uses Fileless PowerShell, AI Zoom Lures in New Campaign

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
New Microsoft 365 Phishing Uses OAuth Device Code Flow to Steal Tokens
July 2, 2026
Critical Claude Cowork Sandbox Vulnerability Lets Attackers Run Commands as Root
July 2, 2026
Ousaban Malware Targets Iberian Banks with Phishing PDFs and VBS Downloader
July 2, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us