VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

CVE-2026-48172 in LiteSpeed cPanel plugin: exploited to execute scripts as root

CVE-2026-48172 в плагине LiteSpeed для cPanel: эксплуатируется для запуска скриптов от root

Colleagues, a security alert: CVE-2026-48172 in the LiteSpeed cPanel plugin is being actively exploited.

What happened:
— Incorrect privilege assignment in lsws.redisAble allows scripts to run as root.
— Affected: versions 2.3–2.4.4; fixed in 2.4.5. Update recommended to cPanel plugin 2.4.7 and WHM 5.3.1.0.

How to check & mitigate:
— Indicator: grep -rE "cpanel_jsonapi_func=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2>/dev/null
— Temporarily remove plugin: /usr/local/lsws/admin/misc/lscmctl cpanelplugin --uninstall

Why it matters: the flaw grants full server control and is already exploited.

What measures are you taking?
#cybersecurity #cPanel #LiteSpeed #infosec

Latest comments

No comments yet.