Vulnerability allowed bypassing 2FA in WHM & cPanel by bruteforcing


The vulnerability (CVE-2020-27641) allowed malicious actors to bypass two-factor authentication (2FA) on the software using brute-force attacks.


In the web hosting world, Web Host Manager (WHM) and cPanel are two products that have played a crucial role in making life easy for webmasters.


Add to this the various tools at one's disposal, such as Softaculous, and someone who knows little about coding can still do things like install a new website in one click. However, it is important to understand that the entire setup could itself be vulnerable.




Keeping this in mind, Digital Defense, a US-based cybersecurity company, recently discovered a vulnerability in cPanel & WHM version 11.90.0.5, tracked as CVE-2020-27641, which allowed malicious actors to bypass two-factor authentication (2FA) on the software using brute-force attacks.

This was mainly because the login flow placed no limit on the number of 2FA code attempts: a wrong code was simply rejected and the attacker could submit another guess. Since cPanel's 2FA uses six-digit time-based one-time passwords (TOTP), there are at most one million possible codes per time window, so with no lockout or rate limit the entire space can be enumerated in a matter of minutes. However, to be prompted for the 2FA in the first place, the attacker must already know the login credentials for a specific account, which makes gaining access not so easy.
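To make the point concrete, the following is an added example (written for this page, not cPanel's code or Digital Defense's proof of concept). It implements RFC 6238 TOTP with the standard library, models a second-factor check with no attempt limit next to a hypothetical hardened variant that counts failures per account and locks the account, and runs a brute-force loop against each. The secret and timestamp are the RFC 6238 test-vector values (constructed input, so the run is deterministic offline); the class names, the attempt limit of 5 and the 900-second lockout are assumptions for illustration, not cPanel's actual fix.

```python
"""Why unlimited 2FA guesses matter: an added illustration, not cPanel code."""
import hashlib
import hmac
import struct


def totp(secret: bytes, for_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1), the scheme authenticator apps use."""
    counter = for_time // step
    digest = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class UnlimitedSecondFactor:
    """Models the flawed behaviour: a wrong code is simply rejected and the
    caller may try again as often as it likes (assumed model, not cPanel code)."""

    def __init__(self, secret: bytes, now: int):
        self.secret = secret
        self.now = now  # fixed clock so the demo is deterministic; real code uses time.time()

    def verify(self, username: str, code: str) -> str:
        expected = totp(self.secret, self.now)
        return "ok" if hmac.compare_digest(code, expected) else "wrong"


class LockingSecondFactor(UnlimitedSecondFactor):
    """Same check plus a per-account failure counter and lockout.
    Hypothetical hardening for illustration, not cPanel's actual patch."""

    MAX_FAILURES = 5        # assumed policy value
    LOCKOUT_SECONDS = 900   # assumed policy value

    def __init__(self, secret: bytes, now: int):
        super().__init__(secret, now)
        self.failures: dict[str, int] = {}
        self.locked_until: dict[str, int] = {}

    def verify(self, username: str, code: str) -> str:
        if self.locked_until.get(username, 0) > self.now:
            return "locked"  # refuse without even evaluating the code
        if super().verify(username, code) == "ok":
            self.failures.pop(username, None)
            return "ok"
        self.failures[username] = self.failures.get(username, 0) + 1
        if self.failures[username] >= self.MAX_FAILURES:
            self.locked_until[username] = self.now + self.LOCKOUT_SECONDS
            return "locked"
        return "wrong"


def brute_force(verify, username: str, max_guesses: int = 10 ** 6):
    """Attacker who already holds the password enumerates every 6-digit code.
    Returns (code_or_None, number_of_attempts_made)."""
    for i in range(max_guesses):
        result = verify(username, f"{i:06d}")
        if result == "ok":
            return f"{i:06d}", i + 1
        if result == "locked":
            return None, i + 1
    return None, max_guesses


# Constructed input: the RFC 6238 test-vector secret and timestamp (T=59),
# whose 6-digit code is 287082, so the outcome below is fully predictable.
DEMO_SECRET = b"12345678901234567890"
DEMO_TIME = 59


def demo():
    """Run the same attack against the unlimited and the locking verifier."""
    unlimited = brute_force(UnlimitedSecondFactor(DEMO_SECRET, DEMO_TIME).verify, "root")
    locking = brute_force(LockingSecondFactor(DEMO_SECRET, DEMO_TIME).verify, "root")
    return unlimited, locking


if __name__ == "__main__":
    print(demo())
```

Against the unlimited verifier the loop recovers the code on the 287,083rd guess; against the locking verifier it is stopped after five failures and never learns whether any later guess would have worked. The check to run on a real deployment is the same: submit a handful of deliberately wrong codes after a valid password and confirm the server starts refusing before the guess space becomes affordable.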


cPanel has since issued patches, and users can protect themselves by updating to the latest version. If, on the other hand, you think you may have been a victim of such an attack, it is best to c ..