Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Helping small businesses with free, hands-on cyber consultancy

    July 15, 2026

    US charges alleged operators of Russian bulletproof hosting service

    July 15, 2026

    Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days

    July 14, 2026
    Facebook X (Twitter) Instagram
    • Demos
    • Technology
    • Gaming
    • Buy Now
    Facebook X (Twitter) Instagram Pinterest Vimeo
    Canadian Cyber WatchCanadian Cyber Watch
    • Home
    • News
    • Alerts
    • Tips
    • Tools
    • Industry
    • Incidents
    • Events
    • Education
    Subscribe
    Canadian Cyber WatchCanadian Cyber Watch
    Home»News»CISA gives feds 4 days to patch actively exploited cPanel plugin flaw
    News

    CISA gives feds 4 days to patch actively exploited cPanel plugin flaw

    adminBy adminMay 27, 2026No Comments2 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    Share
    Facebook Twitter LinkedIn Pinterest Email


    cPanel

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies four days to secure their servers against a critical vulnerability in the LiteSpeed cPanel user-end plugin, which is actively being exploited in attacks.

    Tracked as CVE-2026-48172, this privilege escalation vulnerability is related to the mishandling of Redis enable/disable features and was found in the lsws.redisAble function.

    The vulnerability stems from an incorrect privilege assignment weakness that enables remote attackers with no privileges to execute arbitrary scripts with root privileges.

    LiteSpeed released urgent security updates on Thursday to address the flaw, warning users to update the cPanel user-end plugin (bundled with the WHM plugin) to the latest version.

    Users are advised to use the following command to check if their server is vulnerable to CVE-2026-48172 attacks:

    
    grep -rE "cpanel_jsonapi_func=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2>/dev/null

    “This vulnerability is being actively exploited, and poses a risk for all user-end plugin versions between v2.3 and v2.4.4,” the LiteSpeed team noted.

    “If this command results in any output, we recommend you examine the IPs in the list, determine if they are valid, and if not, block them. To determine any damage done, examine the system logs for any actions taken by the detected IPs.”

    ​​​On Tuesday, CISA added the security flaw to its catalog of vulnerabilities exploited in attacks and ordered U.S. federal agencies to patch their systems by midnight on Friday, May 29, as mandated by Binding Operational Directive (BOD) 22-01.

    While BOD 22-01 applies only to U.S. federal agencies, CISA urged all defenders (including the private sector) to prioritize CVE-2026-48172 patches and secure their servers as soon as possible.

    “This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise,” the cybersecurity agency warned.

    “Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.”


    article image

    Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.

    This guide covers the 6 surfaces you actually need to validate.

    Download Now



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleCISA Adds Three Known Exploited Vulnerabilities to Catalog
    Next Article Jenkins security advisory (AV26-515) – Canadian Centre for Cyber Security
    admin
    • Website

    Related Posts

    News

    Helping small businesses with free, hands-on cyber consultancy

    July 15, 2026
    News

    US charges alleged operators of Russian bulletproof hosting service

    July 15, 2026
    News

    Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days

    July 14, 2026
    Add A Comment

    Comments are closed.

    Demo
    Top Posts

    Catchy & Intriguing

    March 17, 202677 Views

    The Canadian Password Playbook: Navigating Compliance and Building Strong Passwords

    March 25, 202634 Views

    IP Address Investigations and Local OSINT

    March 20, 202634 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram
    Latest Reviews
    85
    Featured

    Pico 4 Review: Should You Actually Buy One Instead Of Quest 2?

    January 15, 2021 Featured
    8.1
    Uncategorized

    A Review of the Venus Optics Argus 18mm f/0.95 MFT APO Lens

    January 15, 2021 Uncategorized
    8.9
    Editor's Picks

    DJI Avata Review: Immersive FPV Flying For Drone Enthusiasts

    January 15, 2021 Editor's Picks

    Subscribe to Updates

    Get the latest tech news from FooBar about tech, design and biz.

    Demo
    Most Popular

    Catchy & Intriguing

    March 17, 202677 Views

    The Canadian Password Playbook: Navigating Compliance and Building Strong Passwords

    March 25, 202634 Views

    IP Address Investigations and Local OSINT

    March 20, 202634 Views
    Our Picks

    Helping small businesses with free, hands-on cyber consultancy

    July 15, 2026

    US charges alleged operators of Russian bulletproof hosting service

    July 15, 2026

    Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days

    July 14, 2026

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Facebook X (Twitter) Instagram Pinterest
    • Home
    • Technology
    • Gaming
    • Phones
    • Buy Now
    © 2026 ThemeSphere. Designed by ThemeSphere.

    Type above and press Enter to search. Press Esc to cancel.