Vulnerability CVE-2016-10828


Published: 2019-08-01   Modified: 2019-08-02

Description:
cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97).

Type:

CWE-22

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

Vendor: Cpanel
Product: Cpanel 
Version:
55.9999.99
55.9999.89
55.9999.69
55.9999.61
55.9999.137
55.9999.130
55.9999.124
55.9999.122
55.9999.120
55.9999.117
55.9999.114
55.9999.106
11.54.0.8
11.54.0.7
11.54.0.6
11.54.0.5
11.54.0.4
11.54.0.19
11.54.0.18
11.54.0.17
11.54.0.16
11.54.0.15
11.54.0.14
11.54.0.12
11.54.0.1
11.54.0.0
11.52.2.1
11.52.1.3
11.52.1.2
11.52.1.1
11.52.1.0
11.52.0.9
11.52.0.8
11.52.0.6
11.52.0.5
11.52.0.24
11.52.0.23
11.52.0.22
11.52.0.21
11.52.0.20
11.52.0.18
11.52.0.17
11.52.0.15
11.52.0.14
11.52.0.13
11.52.0.10
11.51.9999.98
11.51.9999.165
11.51.9999.163
11.51.9999.159
11.51.9999.149
11.51.9999.140
11.51.9999.128
11.51.9999.121
11.51.9999.116
11.51.9999.114
11.51.9999.113
11.51.9999.105
11.51.9999.101
11.50.1.2
11.50.1.1
11.50.0.9
11.50.0.7
11.50.0.6
11.50.0.4
11.50.0.30
11.50.0.29
11.50.0.27
11.50.0.25
11.50.0.23
11.50.0.22
11.50.0.20
11.50.0.19
11.50.0.17
11.50.0.15
11.50.0.14
11.50.0.12
11.50.0.10

CVSS2 => (AV:N/AC:L/Au:S/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9/10
10/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
https://documentation.cpanel.net/display/CL/56+Change+Log

Related CVE
CVE-2016-10812
In cPanel before 57.9999.54, /scripts/enablefileprotect exposed TTYs (SEC-117).
CVE-2016-10811
In cPanel before 57.9999.54, /scripts/unsuspendacct exposed TTYs (SEC-116).
CVE-2016-10810
In cPanel before 57.9999.54, /scripts/maildir_converter exposed a TTY to an unprivileged process (SEC-115).
CVE-2016-10809
In cPanel before 57.9999.54, /scripts/checkinfopages exposed a TTY to an unprivileged process (SEC-114).
CVE-2016-10808
In cPanel before 57.9999.54, /scripts/addpop and /scripts/delpop exposed TTYs (SEC-113).
CVE-2016-10807
cPanel before 57.9999.54 allows certain denial-of-service outcomes via /scripts/killpvhost (SEC-112).
CVE-2016-10806
cPanel before 57.9999.54 allows self XSS on the Paper Lantern Landing Page (SEC-110).
CVE-2016-10805
cPanel before 57.9999.54 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-109).

Copyright 2019, cxsecurity.com

 

Back to Top