CVE-2021-26266
HIGHcPanel < 92.0.9 - Authenticated Suspension Lock Bypass
Title source: llmDescription
cPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578).
References (1)
Core 1
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://docs.cpanel.net/changelogs/92-change-log/
Scores
CVSS v3
7.5
EPSS
0.0035
EPSS Percentile
57.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
Status
published
Products (1)
cpanel/cpanel
< 92.0.9
Published
Jan 26, 2021
Tracked Since
Feb 18, 2026