2-Factor Authentication Bypass Flaw Reported in cPanel and WHM Software

cPanel, a provider of popular administrative tools to manage web hosting, has patched a security vulnerability that could have allowed remote attackers with access to valid credentials to bypass two-factor authentication (2FA) protection on an account.

The issue, tracked as “SEC-575” and discovered by researchers from Digital Defense, has been remedied by the company in versions 11.92.0.2, 11.90.0.17, and 11.86.0.32 of the software.

cPanel and WHM (Web Host Manager) offers a Linux-based control panel for users to handle website and server management, including tasks such as adding sub-domains and performing system and control panel maintenance. To date, over 70 million domains have been launched on servers using cPanel’s software suite.

The issue stemmed from a lack of rate-limiting during 2FA during logins, thus making it possible for a malicious party to repeatedly submit 2FA codes using a brute-force approach and circumvent the authentication check.

Digital Defense researchers said an attack of this kind could be accomplished in minutes.

“The two-factor authentication cPanel Security Policy did not prevent an attacker from repeatedly submitting two-factor authentication…

http://feedproxy.google.com/~r/TheHackersNews/~3/4Ui8rLCyi3Q/2-factor-authentication-bypass-flaw.html

Leave a Reply