Hackers Bypassing cPanel 2FA All Day Long

Researchers have discovered quite a big issue with cPanel which Hackers can exploit your 2FA authentication to obtain access to your cPanel Hosting service. 

 

 

What was found by Digtial Defense, Inc.

Digital Defense, Inc., a leader in vulnerability and threat management solutions, today announced that its Vulnerability Research Team (VRT) uncovered a previously undisclosed vulnerability affecting the cPanel & WebHost Manager (WHM) web hosting platform.” reads the post published by Digital Defense. “c_Panel &WHM version 11.90.0.5 (90.0 Build 5) exhibits a two-factor authentication bypass flaw, vulnerable to brute force attack, resulting in a scenario where an attacker with knowledge of or access to valid credentials could bypass two-factor authentication protections on an account.”

This exploitation can have a big impact towards web hosting providers and the 70 million domains around the world if not dealt with quickly. However there is some good news even though they can by pass the 2FA they will still need the correct credentials to log into the account. But as you know Hackers will turn around and start using  some sort of brute force attack.

 

“The two-factor authentication cPanel Security Policy did not prevent an attacker from repeatedly submitting two-factor authentication codes. This allowed an attacker to bypass the two-factor authentication check using brute force techniques.” reads a security advisory released by the company. “Failed validation of the two-factor authentication code is now treated as equivalent to a failure of the account’s primary password validation and rate limited by cPHulk.”

What to do?

Take this opportunity to not procrastinate and update cPanel to either of the following versions or later.

  • 11.92.0.2
  • 11.90.0.17
  • 11.86.0.32

Leave a Reply