Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cpanel bug or what?

Discussion in 'Security' started by upsforum, Dec 20, 2013.

  1. upsforum

    upsforum Well-Known Member

    Joined:
    Jul 27, 2005
    Messages:
    462
    Likes Received:
    0
    Trophy Points:
    166
    on a vps I created a new account yesterday, the account is "dipenden" username, today a user acceded and uploaded a zip file phishing on this ftp account but from cpanel of another account, this is access_log:

    IP-NOAUTH-USER - dipenden [12/20/2013:11:31:25 -0000] "GET /cpsess0000000/frontend/x3/files/img/fileactions/codeedit.png HTTP/1.1" 200 0 "http://www.anotherdomnainonsamevps:2082/cpsess4836193581/frontend/x3/files/selfile.html?dir=%2fhome%2fdipenden%2fpublic_html%2fimage&file=WellsfargoOnline.zip" "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" "-"

    how is this possible?
     
    #1 upsforum, Dec 20, 2013
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    42,782
    Likes Received:
    1,712
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    The ports used to access services such as cPanel/WHM are accessible over any domain name that points to the server. Thus, if a user had valid authentication details, they can use any domain name that points to the server to access cPanel. You are welcome to open a support ticket so we can take a closer look and verify it's not anything more than that:

    Submit A Ticket

    You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
    #2 cPanelMichael, Dec 20, 2013
  3. upsforum

    upsforum Well-Known Member

    Joined:
    Jul 27, 2005
    Messages:
    462
    Likes Received:
    0
    Trophy Points:
    166
    thank you, I submitted a ticket
     
    #3 upsforum, Dec 20, 2013
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    42,782
    Likes Received:
    1,712
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Would you mind sharing the ticket number so we can update this thread with the outcome?

    Thank you.
     
    #4 cPanelMichael, Dec 23, 2013
(You must log in or sign up to post here.)
Loading...
Similar Threads - cpanel
  1. martin MHC

    Webmin installed on cPanel server?

    martin MHC, Apr 24, 2018 at 9:43 AM, in forum: General Discussion
    Replies:
    4
    Views:
    29
    cPanelMichael
    Apr 24, 2018 at 11:20 AM
  2. Elizabeta

    Setting SNMP on cPanel

    Elizabeta, Apr 24, 2018 at 2:59 AM, in forum: General Discussion
    Replies:
    1
    Views:
    29
    cPanelMichael
    Apr 24, 2018 at 10:06 AM
  3. rhm.geerts

    Stop old cPanel services?

    rhm.geerts, Apr 23, 2018 at 11:11 AM, in forum: General Discussion
    Replies:
    9
    Views:
    53
    cPanelLauren
    Apr 24, 2018 at 9:28 AM
  4. cPanelBenny

    2018 cPanel Conference Call for Speakers!

    cPanelBenny, Apr 23, 2018 at 9:24 AM, in forum: cPanel Announcements
    Replies:
    0
    Views:
    120
    cPanelBenny
    Apr 23, 2018 at 9:24 AM
  5. Antoniogg

    Busco experto en Linux y CPanel para solucionar problemas en VPS

    Antoniogg, Apr 19, 2018 at 1:38 PM, in forum: Discusión en Español
    Replies:
    10
    Views:
    169
    Antoniogg
    Apr 19, 2018 at 3:13 PM

Share This Page