Hello,
A new critical vulnerability has been discovered in CyberPanel, a popular open-source web hosting control panel. The flaw, a zero-click pre-authentication root remote code execution (RCE), remains unpatched in the version 2.3.6 and below of CyberPanel.
For more details on this, please check the link below
https://managingwp.io/live-blog/cyberpanel-servers-v2-3-6-hacked-via-pre-auth-rce-october-28th-2024/
Affected Services
The vulnerability only affects users who have a VPS/Dedicated Server with Cyberpanel version 2.3.6 and below.
Users with VPS/Dedicated Servers with other control panels such as CWP, cPanel, Plesk, Webuzzo, Webmin or who do not use control panels are not affected by this.
How to Fix
If your vm is already affected download and run this script from your root commandline.
https://das106.truehost.cloud/cleanup.sh
The above script will also upgrade your cyberpanel version to the latest version also remember to update your cyberpanel admin password also your ssh users passwords.
To update Cyberpanel to the latest version. Cyberpanel Update is quick and the steps below show you how to do it:
1. Login to your server via SSH as root user.
2. Run the command below to check the current version of Cyberpanel
cat /usr/local/CyberCP/version
3. If the version is lower than 2.3.7, this means an update is required to fix the issue.
4.Run the command below to update Cyberpanel
sh <(curl https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh || wget -O - https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh)
If using a sudo user rather than root, try this:
sudo su - -c "sh <(curl https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh || wget -O - https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh)"
5. Allow it some few minutes to complete update.
Should you encounter any challenges, please reach out to our support team via [email protected] for further assistance.
