CVE-2006-5014

HIGH

cPanel <10.9.0 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-5014. PoCs published by Clint Torrez.

AI-analyzed exploit summary: This exploit targets a vulnerability in cPanel <= 10.8.x by leveraging the cpwrap and mysqlwrap binaries to execute arbitrary code as root. It creates a malicious strict.pm file to compile and execute a setuid root shell.

Description

Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Clint Torrez · perl · local · linux
https://www.exploit-db.com/exploits/2466


Classification: Working PoC 95%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: cPanel <= 10.8.x
No auth needed
Prerequisites: Access to a system with vulnerable cPanel installation · gcc installed on the target system
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Various Sources x_refsource_confirm
http://forums.cpanel.net/showthread.php?t=58134
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016913
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22072
Various Sources x_refsource_confirm
http://changelog.cpanel.net/?build=&showall=1
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/20163

Scores

CVSS v3 8.8
EPSS 0.0384
EPSS Percentile 88.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-276
Status published
Products (19)
cpanel/cpanel 5.0
cpanel/cpanel 5.3
cpanel/cpanel 6.0
cpanel/cpanel 6.2
cpanel/cpanel 6.4
cpanel/cpanel 6.4.1
cpanel/cpanel 6.4.2
cpanel/cpanel 6.4.2_stable_48
cpanel/cpanel 7.0
cpanel/cpanel 8.0
... and 9 more
Published Sep 27, 2006
Tracked Since Feb 18, 2026