Hackers are actively exploiting a bug in cPanel, used by millions of websites
Security researchers are sounding the alarm on a newly discovered vulnerability in the widely used web server management software cPanel and WebHost Manager (WHM). The bug allows hackers to hijack and take full control of the servers running the affected software, which is thought to be used by tens of millions of website owners around the world.
Many commercial web hosting companies have patched their customers’ systems already. But cPanel’s maker urged customers to ensure that their systems are patched, as the bug affects all supported versions of the software.
cPanel and WHM are two software suites used for managing web servers that host websites, manage email, and handle the important configurations and databases needed to maintain an internet domain. The two suites have deep access to the servers they manage, potentially giving a malicious hacker unrestricted access to the data managed by the affected software.
The bug, officially tracked as CVE-2026-41940, allows malicious hackers to remotely bypass the software’s login screen and gain full access to its administration panel. Given the ubiquity of cPanel and WHM across the web hosting industry, hackers could compromise potentially large numbers of websites that haven’t patched the bug.
Canada’s national cybersecurity agency said in an advisory that the bug could be exploited to compromise websites on shared hosting servers, such as those run by large web hosting companies. The agency said that “exploitation is highly probable” and that immediate action from cPanel customers, or their web hosts, is necessary to prevent malicious access.
Web hosting giant Namecheap, which uses cPanel to allow its customers to manage their web servers, said it blocked access to customers’ cPanel control panels after learning of the flaw, both to prevent exploitation and to give it time to patch its customers’ systems. HostGator also said it patched its systems and is treating the bug as a “critical authentication-bypass exploit.”
One web hosting company says it found evidence that hackers had been abusing the vulnerability for months before the attempts were discovered. KnownHost CEO Daniel Pearson said in a post on Reddit that his company has seen attempts to exploit the vulnerability as far back as February 23. The company said it also briefly blocked access to customer systems before applying patches.
According to Pearson, around 30 servers at KnownHost showed signs of attempted unauthorized access, out of thousands of computers on its network. Pearson described the activity as attempts only and said the company has not seen signs of active compromise. cPanel also said it rolled out a security fix for WP Squared, a similar tool for managing WordPress websites.