Type: Arbitrary Command Execution
Product: WHMXtra (Reseller UI)
Vulnerable Version: G2 3.5
Fixed Version: G2 3.7
WHMXtra is a unique addon module for cPanel servers, designed to turbocharge your WHM, adding many features you could normally only do via the command line or not at all. Our cPanel Xtra Plugin adds even more functionality to your end users' cPanel, saving your techs time and saving you money.
The reseller UI of WHMXtra is vulnerable to 8+ arbitrary command execution exploits that would allow an attacker to escalate their privileges to root access.
Proof of Concept:
Due to the nature of this security flaw, we will not be posting a Proof of Concept until a much later date.
We rate this vulnerability HIGH because root access can be obtained.
This vulnerability was tested against WHMXtra Reseller UI G2 v3.5.
This vulnerability was patched in WHMXtra Reseller UI G2 v3.7.
Vendor Contact Timeline:
2013-08-22: Vendor contacted via email.
2013-08-22: Vendor confirms vulnerability.
2013-08-31: Vendor issues update.
2013-09-11: Rack911 issues security advisory.