cPanel 2-Factor Auth Bypass

November 30, 2020

Table of Contents

cpanel.net/wp-content/themes/cPbase/assets/img/...

2-Factor Authentication Bypass hole in WHM cPanel security has been Reported effected WHM resellers.

cPanel, a software provider to manage web hosting/websites, has recently patched a security vulnerability that allowed hackers with access to valid credentials to a cPanel account on the server, gaining cPanel bypassing the two-factor authentication (2FA) protection on an account.

The issue which is tracked as “SEC-575” and is discovered by researchers from Digital Defense.

The issue came from a lack of rate-limiting during 2FA during cPanel account logins, making an opportunity possible for a hacker/opportunist to repeatedly submit 2FA codes using the brute-force approach which eventually bypasses/hacks the authentication check.

Researchers have recently as of November 2020 said known attacks of this kind could be accomplished within minutes.

“The two-factor authentication cPanel Security Policy did not prevent an attacker from repeatedly submitting two-factor authentication codes,” cPanel said in this advisory. “This allowed an attacker to bypass the two-factor authentication check using brute-force techniques.”

cPanel has now addressed the flaw by adding a rate limit check to its cPHulk brute-force protection service, causing a failed validation of the 2FA code/codes to be treated as a failed login.

This is not the first time the absence of rate-limiting has posed a serious security concern, issues like this should not have happened but the issue was dealt with quickly which is what we would expect. At 247Rack we have no reports of any bypasses so do not worry and we are confident cPanel is still secure and always will be.

During July of 2020, the video conferencing company called Zoom fixed a security loophole that could of allowed any hackers/attackers to break/bypass the numeral passcode used to secure Zoom private meetings on the platform also enabling spying on all active participants of a target bypassed.

It’s recommended that all 247Rack cPanel customers using Cpanel to carry out commands or login to the admin panel and update apply the patches to mitigate the risk associated with the security flaw. We would highly recommend opensource software Jitsi, a self-hosted instance that can be easily setup with any 247Rack server.

Share on
Facebook
Twitter
LinkedIn
Pinterest
More posts

Dedicated Servers Quick Guide

What is a Dedicated Servers? Why bother using a dedicated server over a VPS or Shared Hosting?A dedicated server is a server 100% dedicated to your website/project or business needs.

Dedicated Server or VPS Server?

What is the difference between Dedicated Server or VPS Server?In short, VPS hosting works on a virtual shared server, where you host your website alongside others; dedicated hosting, meanwhile, gives

VMware trademark guide

VMware trademark guide a very important resource for bloggers, technical writer .VMware employees and partners who have less interest in blogs .the guide is intended to provide guidance regarding the

Enhanced Storage Features on 5.1

Enhanced Storage Features on 5.1 SESMATEnhanced Storage features introduced by 5.1 VMFS File Sharing Limits In previous versions of vSphere, the maximum number of hosts which could share a read-only

Get 90% Discount

First 3 People gets the Bonus!
Don't Miss Out Our Big Sale

Get 0-90% On All
247Rack Services

247Rack

The Sale Is Until The End Of March