cPanel & WHM 2FA Bug Exposes Millions of Websites

Vulnerabilities regularly arise that put the security of our systems and devices at risk. This can happen in any kind of equipment we use and in software in general. However, the problem grows when it affects a service with many users. In this article we report on a bug that has exposed millions of websites: a flaw in the cPanel & WebHost Manager (WHM) web hosting platform.

A bug lets attackers bypass 2FA on websites

Specifically, this flaw allows two-factor authentication to be bypassed to access cPanel & WHM. This opens the door to brute force attacks that compromise the security of websites and let attackers in. It has affected millions of pages around the world and was identified by Digital Defense Inc.

cPanel & WHM 2FA Bug

cPanel & WHM is a set of tools built for the Linux operating system that lets hosting providers and users automate server management and various web hosting tasks. As we can imagine, many users rely on it for their websites every day.

It is estimated that this software package is used to manage about 70 million websites around the world. Now, cPanel & WHM version 11.90.0.5 (90.0 Build 5) has been found to have a flaw that allows two-factor authentication to be bypassed, making it susceptible to brute force attacks.

A potential attacker with the necessary skills, or with valid access credentials, could break in without having to complete two-factor authentication. This defeats precisely one of the main security barriers we rely on to avoid becoming victims of attacks of this type, since what 2FA does is request a second step, for example a second code, before the account can be entered.

The flaw is that an attacker can try numerous 2FA codes without being prompted for a new one, and that is what makes brute force attacks possible.
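To illustrate the defensive point, here is an added example (not cPanel's own code) of an RFC 6238 TOTP check in two forms: an unthrottled verifier that mirrors the flawed behaviour, where every guess in a session is checked, and a hardened one that locks the session after a small number of wrong codes so a new prompt is required. The attempt limit, lockout period and demo secret are illustrative assumptions.

```python
import hmac
import hashlib
import struct

DEMO_SECRET = b"0123456789abcdefghij"  # constructed 20-byte demo secret
MAX_2FA_ATTEMPTS = 5                   # wrong codes allowed per login session (assumed)
LOCKOUT_SECONDS = 900                  # how long a session stays blocked afterwards (assumed)


def totp(secret: bytes, now: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HMAC-SHA1 over the 30-second counter, dynamically truncated."""
    counter = struct.pack(">Q", int(now) // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


class UnthrottledVerifier:
    """Mirrors the flaw: every guess is checked, with no limit and no new prompt."""
    def __init__(self, secret: bytes):
        self.secret = secret

    def verify(self, session: str, code: str, now: float) -> bool:
        return hmac.compare_digest(code, totp(self.secret, now))


class ThrottledVerifier(UnthrottledVerifier):
    """Hardened form: after MAX_2FA_ATTEMPTS wrong codes the session is locked."""
    def __init__(self, secret: bytes):
        super().__init__(secret)
        self.failures = {}      # session -> wrong codes so far
        self.locked_until = {}  # session -> time until which it is refused

    def verify(self, session: str, code: str, now: float) -> bool:
        if now < self.locked_until.get(session, 0):
            return False  # locked: even the correct code is refused
        if super().verify(session, code, now):
            self.failures.pop(session, None)
            return True
        self.failures[session] = self.failures.get(session, 0) + 1
        if self.failures[session] >= MAX_2FA_ATTEMPTS:
            self.locked_until[session] = now + LOCKOUT_SECONDS
            self.failures.pop(session, None)  # caller must log in again for a fresh prompt
        return False


def guess_burst(verifier, session: str, now: float, wrong: int) -> bool:
    """Submit `wrong` incorrect codes in one session, then the right one; report acceptance."""
    right = totp(verifier.secret, now)
    for i in range(wrong):
        verifier.verify(session, str((int(right) + 1 + i) % 10 ** 6).zfill(6), now)
    return verifier.verify(session, right, now)
```

With the throttled verifier, a session that has burned its attempts is refused even when it finally submits the correct code, which is the behaviour the patched versions restore.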

Security problem affecting cPanel

Please update to fix this issue

As usually happens when vulnerabilities of this type appear, the developers themselves release patches and updates. This is the case with cPanel & WHM, where new versions that solve the problem are already available.

These new versions are 11.92.0.2, 11.90.0.17 and 11.86.0.32. Users of this tool should therefore update to one of these builds to solve the problem and prevent their website from being exposed to brute force attacks.

As we can see, this is a serious problem that affects protection based on login credentials. We should always use strong, complex passwords, in addition to the security barrier of two-step authentication. It is just as important, however, to keep our systems properly updated, since security problems and vulnerabilities that must be corrected arise on many occasions.