cpanel bug or what?

upsforum

upsforum

Well-Known Member
Jul 27, 2005
474
0
166
on a vps I created a new account yesterday, the account is "dipenden" username, today a user acceded and uploaded a zip file phishing on this ftp account but from cpanel of another account, this is access_log:

IP-NOAUTH-USER - dipenden [12/20/2013:11:31:25 -0000] "GET /cpsess0000000/frontend/x3/files/img/fileactions/codeedit.png HTTP/1.1" 200 0 "http://www.anotherdomnainonsamevps:2082/cpsess4836193581/frontend/x3/files/selfile.html?dir=%2fhome%2fdipenden%2fpublic_html%2fimage&file=WellsfargoOnline.zip" "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" "-"

how is this possible?
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,883
2,256
463
Hello :)

The ports used to access services such as cPanel/WHM are accessible over any domain name that points to the server. Thus, if a user had valid authentication details, they can use any domain name that points to the server to access cPanel. You are welcome to open a support ticket so we can take a closer look and verify it's not anything more than that:

Submit A Ticket

You can post the ticket number here so we can update this thread with the outcome.

Thank you.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
M New very dangerous security bug/feature in cpanel filter function Security 1
P Cpanel Password bug ? Security 1
T cPanel virtfs vs. Jailed Shell (Bug?) Security 2
J Security bug in cPanel login Security 1
C Security bug in cPanel/WHM found Security 2
Similar threads
New very dangerous security bug/feature in cpanel filter function
Cpanel Password bug ?
cPanel virtfs vs. Jailed Shell (Bug?)
Security bug in cPanel login
Security bug in cPanel/WHM found
Top Bottom