#litespeed

34lbs collective weight

TAD x SIG MPX

Visit https://packconfig.com/loadout/loadout-versatile-get-home-pack/ for the full post

Visit http://packconfig.com/loadout/loadout-emergency-response-pack/ for the full post

CVE-2026-48172: Root Privilege Escalation in LiteSpeed cPanel Plugin A critical vulnerability, identified as CVE-2026-48172, affects the LiteSpeed User-End cPanel Plugin versions 2.3 through 2.4.4. This security flaw carries a CVSS v4.0 score of 10.0, marking it as highly severe. Any authenticated cPanel user—with no special privileges—can execute arbitrary scripts with root-level access on the underlying server, potentially compromising all customers on that shared hosting environment. Discovered and disclosed on May 21, 2026, this vulnerability has already been actively exploited. It is listed in the CISA Known Exploited Vulnerabilities catalog, indicating a heightened level of urgency for remediation. A patch was issued alongside the WHM Plugin 5.3.1.0 and cPanel Plugin 2.4.7. Impact of the Vulnerability The underlying flaw resides in the lsws.redisAble function, which manages Redis operations within the plugin. This function can be accessed by any authenticated cPanel user, allowing a compromised account to execute malicious scripts with root privileges. As a result, an attacker can seize control of the host machine, thereby affecting other tenants sharing the same server. The high CVSS vector (AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H) illustrates that this vulnerability can be exploited over a network with minimal complexity and without requiring elevated permissions or user interaction. Patching and Mitigation To mitigate this issue, affected users must upgrade to WHM Plugin 5.3.1.0 along with cPanel Plugin 2.4.7, as previous versions only provided partial fixes. If immediate patching isn't feasible, the vulnerable component can be completely uninstalled with the following command: /usr/local/lsws/admin/misc/lscmctl cpanelplugin --uninstall Exploitation Activity Automated attacks targeting unpatched installations are already widespread, employing various malware and ransomware tactics. The swift transition from disclosure to exploitation highlights the urgent need for patching. CISA's entry of this vulnerability into their catalog on May 26, 2026, with a federal patch deadline of June 16, underscores the risk posed by this vulnerability. Key Actions Before the Deadline - Upgrade to the complete fix using WHM Plugin 5.3.1.0 and cPanel Plugin 2.4.7 across all servers. - If unable to patch immediately, uninstall the vulnerable plugin to prevent potential exploitation. - Examine server logs for any signs of exploitation using the appropriate command to check previous activity. - Conduct a comprehensive audit of all servers in the network to identify and patch any that may still be vulnerable. For businesses utilizing LiteSpeed with cPanel, even a newly created low-tier account poses a significant security risk due to this vulnerability. Immediate action is essential to protect the integrity of the hosting environment. Additional Resources - CVE-2026-48172 - NVD (official) - Security Update for LiteSpeed cPanel Plugin - LiteSpeed Blog - Known Exploited Vulnerabilities Catalog - CISA   LowEndBox is a go-to resource for those seeking budget-friendly hosting solutions. This editorial focuses on syndicated news articles, delivering timely information and insights about web hosting, technology, and internet services that cater specifically to the LowEndBox community. With a wide range of topics covered, it serves as a comprehensive source of up-to-date content, helping users stay informed about the rapidly changing landscape of affordable hosting solutions. Read the full article