Published on August 1st, 2019 📆 | 6048 Views ⚑0
cPanel up to 73.x Apache HTTP Server DocumentRoot Injection privilege escalation
|CVSS Meta Temp Score||Current Exploit Price (≈)|
A vulnerability was found in cPanel up to 73.x (Hosting Control Software). It has been rated as critical. Affected by this issue is an unknown code block of the component Apache HTTP Server. The manipulation of the argument
DocumentRoot with an unknown input leads to a privilege escalation vulnerability (Injection). Using CWE to declare the problem leads to CWE-269. Impacted is confidentiality, integrity, and availability.
The weakness was published 08/01/2019. The advisory is available at documentation.cpanel.net. This vulnerability is handled as CVE-2018-20885 since 07/31/2019. Technical details are known, but there is no available exploit.
Upgrading to version 74.0.0 eliminates this vulnerability.
VulDB Meta Base Score: 5.5
VulDB Meta Temp Score: 5.3
Status: Not defined
Price Prediction: 🔍
Current Price Estimation: 🔒
0-Day unlock unlock unlock unlock Today unlock unlock unlock unlock
0-Day Time: 🔒
Upgrade: cPanel 74.0.0
Created: 08/01/2019 04:57 PM
Enable the mail alert feature now!