Critical Linux Hosting Security Advisory
WebCare360 is issuing this security advisory for VPS, dedicated server and hosting customers regarding several high-severity vulnerabilities affecting cPanel/WHM, Apache HTTP Server, OpenSSH, the Linux kernel and CloudLinux-based hosting environments.
WebCare360 advises VPS, dedicated server, managed hosting and self-managed server customers to review several important Linux hosting security vulnerabilities disclosed between late April and early May 2026. These issues affect commonly used hosting components, including cPanel/WHM, Apache HTTP Server, OpenSSH, Linux kernel packages and CloudLinux environments.
These vulnerabilities may affect hosting servers running cPanel, AlmaLinux, CloudLinux, Rocky Linux, RHEL-compatible systems, Ubuntu, Debian, Apache HTTP/2, OpenSSH certificate authentication or KernelCare-based live patching. Customers and server administrators should verify installed package versions, apply vendor-supported patches and reboot where required.
Important: These vulnerabilities do not necessarily affect every WebCare360 server or every customer environment. Applicability depends on the operating system, installed packages, enabled services, control-panel usage, HTTP/2 configuration, SSH authentication design, kernel version and live-patch status.
Vulnerability Summary
| Component | CVE | Severity | Primary Action |
|---|---|---|---|
| cPanel / WHM / WP Squared | CVE-2026-41940 | Critical - CVSS 9.8 | Update cPanel/WHM immediately |
| Linux kernel | CVE-2026-31431 | High - CVSS 7.8 | Update the kernel and reboot, or verify the live patch |
| Apache HTTP Server | CVE-2026-23918 | High / Important | Update Apache 2.4.66 to 2.4.67 or the vendor-fixed package |
| OpenSSH | CVE-2026-35414 | Vendor severity varies | Update OpenSSH, especially if using SSH certificate authentication |
Vulnerability Details and Patch Guidance
A critical authentication-bypass vulnerability affects exposed cPanel & WHM / WP Squared services. Successful exploitation may allow unauthorized access to administrative functionality without valid credentials. Any server running cPanel/WHM or WP Squared should be reviewed and patched immediately.
References:
A Linux kernel local privilege-escalation vulnerability may allow an unprivileged local user to gain root privileges on affected systems. This is especially important for shared hosting, VPS nodes, container hosts, servers with jailed shell access, reseller environments, and systems where untrusted local code may execute.
RHEL / AlmaLinux / Rocky Linux / CloudLinux:
Older yum-based systems:
Ubuntu / Debian:
KernelCare-enabled systems:
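The following script is an added example for the kernel check described above; it is not part of the WebCare360 advisory and not KernelCare's own tooling. It compares the running kernel with the newest installed kernel package (rpm on RHEL-family systems, dpkg on Ubuntu/Debian) to decide whether a reboot is still pending, and, where `kcarectl` is present, asks KernelCare whether the advisory's kernel CVE is already patched in memory. The `kcarectl --patch-info` and `kcarectl --uname` calls are assumed from KernelCare's command-line client; the CVE id is the one in the table above.

```shell
#!/bin/bash
# Added example: is a kernel reboot still needed, or has KernelCare already
# live-patched the CVE named in the advisory? (Not WebCare360's own script.)

CVE_ID="CVE-2026-31431"   # kernel CVE from the advisory table

# Pure helper: pick the highest version string from stdin (one per line).
newest_version() {
    sort -V | tail -n1
}

# Pure helper: "yes" when the running kernel is not the newest installed one,
# i.e. the update is on disk but the old kernel is still in memory.
kernel_reboot_needed() {
    running="$1"
    newest="$2"
    if [ -n "$newest" ] && [ "$running" != "$newest" ]; then
        echo "yes"
    else
        echo "no"
    fi
}

# Newest installed kernel in uname -r form, for rpm- or dpkg-based systems.
newest_installed_kernel() {
    if command -v rpm >/dev/null 2>&1; then
        rpm -q kernel >/dev/null 2>&1 || return 0      # no kernel package (container)
        rpm -q kernel --qf '%{VERSION}-%{RELEASE}.%{ARCH}\n' | newest_version
    elif command -v dpkg-query >/dev/null 2>&1; then
        # Only fully installed linux-image-<version> packages count.
        dpkg-query -W -f '${Status} ${Package}\n' 'linux-image-[0-9]*' 2>/dev/null \
            | awk '$1=="install" && $3=="installed" {print $4}' \
            | sed 's/^linux-image-//' | newest_version
    fi
    return 0
}

# "yes" if KernelCare's applied-patch list mentions the CVE (assumed kcarectl flag).
kernelcare_patched_cve() {
    if command -v kcarectl >/dev/null 2>&1 \
        && kcarectl --patch-info 2>/dev/null | grep -q "$1"; then
        echo "yes"
    else
        echo "no"
    fi
}

main() {
    running="$(uname -r)"
    newest="$(newest_installed_kernel)"
    echo "running kernel:        $running"
    echo "newest installed:      ${newest:-unknown}"
    echo "reboot pending:        $(kernel_reboot_needed "$running" "$newest")"
    echo "$CVE_ID live-patched: $(kernelcare_patched_cve "$CVE_ID")"
    if command -v kcarectl >/dev/null 2>&1; then
        # Effective kernel version after live patches (assumed kcarectl flag).
        echo "KernelCare effective:  $(kcarectl --uname 2>/dev/null)"
    fi
}
main
```

A "reboot pending: yes" together with "live-patched: no" is the case the advisory warns about: the fixed kernel is installed but the vulnerable one is still running. On CloudLinux or AlmaLinux hosts with KernelCare, a "yes" from `--patch-info` is what lets you defer the reboot.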
References:
Apache HTTP Server 2.4.66 is affected by a double-free vulnerability in HTTP/2 handling that may result in denial of service or possible remote code execution. Systems running Apache 2.4.66 with HTTP/2 enabled should be upgraded to Apache 2.4.67 or the fixed package provided by the operating system or control-panel vendor.
cPanel / EasyApache 4 systems:
Older yum-based systems:
CloudLinux repository note:
Check Apache and HTTP/2 status:
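As an added example of the Apache and HTTP/2 status check described above (not a script from WebCare360, cPanel or the Apache project), the following locates the Apache binary used by cPanel/EasyApache 4, RHEL-family and Debian-family systems, extracts the version from `httpd -v` / `apache2 -v`, flags the 2.4.66 release named in the advisory, and reports whether `http2_module` is loaded. The sample version and module strings in the comments are constructed for illustration.

```shell
#!/bin/bash
# Added example: is this host running Apache 2.4.66 with mod_http2 loaded?
# (Not part of the WebCare360 advisory.)

VULNERABLE_VERSION="2.4.66"   # release named in the advisory
FIXED_VERSION="2.4.67"

# cPanel/EasyApache 4 and RHEL-family use httpd; Debian/Ubuntu use apache2.
apache_binary() {
    for bin in /usr/sbin/httpd /usr/sbin/apache2 httpd apache2; do
        if command -v "$bin" >/dev/null 2>&1; then
            command -v "$bin"
            return 0
        fi
    done
    return 1
}

# Pure helper: "Server version: Apache/2.4.66 (Unix)" -> "2.4.66".
parse_apache_version() {
    printf '%s\n' "$1" | sed -n 's/.*Apache\/\([0-9][0-9.]*\).*/\1/p'
}

# Pure helper: "yes" only for the exact affected upstream release.
apache_version_affected() {
    if [ "$1" = "$VULNERABLE_VERSION" ]; then echo "yes"; else echo "no"; fi
}

# Pure helper: "yes" if a module listing (output of -M) contains http2_module.
http2_module_loaded() {
    if printf '%s\n' "$1" | grep -q 'http2_module'; then echo "yes"; else echo "no"; fi
}

# Module listing; on Debian/Ubuntu apache2ctl loads /etc/apache2/envvars first.
apache_modules() {
    if command -v apache2ctl >/dev/null 2>&1; then
        apache2ctl -M 2>/dev/null
    elif command -v apachectl >/dev/null 2>&1; then
        apachectl -M 2>/dev/null
    else
        "$1" -M 2>/dev/null
    fi
    return 0
}

main() {
    bin="$(apache_binary)" || { echo "Apache binary not found"; return 0; }
    version="$(parse_apache_version "$("$bin" -v 2>/dev/null | head -n1)")"
    modules="$(apache_modules "$bin")"
    echo "apache binary:     $bin"
    echo "apache version:    ${version:-unknown} (fixed upstream: $FIXED_VERSION)"
    echo "is $VULNERABLE_VERSION:         $(apache_version_affected "$version")"
    echo "mod_http2 loaded:  $(http2_module_loaded "$modules")"
    # cPanel / EasyApache 4 ships Apache as the ea-apache24 package.
    if command -v rpm >/dev/null 2>&1 && rpm -q ea-apache24 >/dev/null 2>&1; then
        echo "ea-apache24 pkg:   $(rpm -q ea-apache24)"
    fi
}
main
```

The version string alone is not conclusive on distributions that backport fixes without bumping the upstream version (Debian, Ubuntu and RHEL-family vendors all do this), which is why the advisory says "or the fixed package provided by the operating system or control-panel vendor": confirm the package changelog or vendor advisory as well. Servers where `mod_http2` is not loaded still merit the update, but the HTTP/2 handling path the advisory describes is not reachable.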
References:
OpenSSH before 10.3 contains an issue involving the authorized_keys principals option in uncommon SSH certificate-authority configurations. Risk is highest for environments using SSH certificate-based authentication with cert-authority and principals= restrictions.
Systems not using SSH certificate authentication have significantly lower exposure, but WebCare360 still recommends installing the vendor-provided OpenSSH update.
RHEL / AlmaLinux / Rocky Linux / CloudLinux:
Ubuntu / Debian:
Check for higher-risk SSH certificate-principal configuration:
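The following is an added example of the SSH certificate-principal check described above; it is not a script from WebCare360 or the OpenSSH project. It parses the installed OpenSSH version from `ssh -V`, reports whether it is below the 10.3 named in the advisory, and scans `authorized_keys` files and `sshd_config` for the higher-risk pattern (a `cert-authority` key combined with `principals=`, or server-side `TrustedUserCAKeys` / `AuthorizedPrincipalsFile` settings). The sample `authorized_keys` content is constructed for the example; the key material in it is a placeholder.

```shell
#!/bin/bash
# Added example: is SSH certificate authentication with principal
# restrictions in use on this host, and is OpenSSH older than 10.3?
# (Not WebCare360's own script.)

# Constructed sample authorized_keys content (placeholder key material).
SAMPLE_AUTHORIZED_KEYS='cert-authority,principals="deploy,ops" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEca user-ca
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEkey plain-user-key
cert-authority ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEca2 ca-without-principals'

# Pure helper: "OpenSSH_9.6p1 Ubuntu-3ubuntu13, OpenSSL 3.0.13 ..." -> "9.6".
parse_openssh_version() {
    printf '%s\n' "$1" | sed -n 's/.*OpenSSH_\([0-9]*\.[0-9]*\).*/\1/p'
}

# Pure helper: "yes" when MAJOR.MINOR is below 10.3.
openssh_before_10_3() {
    major="${1%%.*}"
    minor="${1#*.}"
    if [ "$major" -lt 10 ] || { [ "$major" -eq 10 ] && [ "$minor" -lt 3 ]; }; then
        echo "yes"
    else
        echo "no"
    fi
}

# Pure helper: from authorized_keys text on stdin, print (numbered) lines that
# combine cert-authority with principals=, the pattern the advisory singles out.
cert_authority_principals_lines() {
    grep -n 'cert-authority' | grep 'principals='
}

# Scan root's and every home directory's authorized_keys plus sshd's CA settings.
scan_host() {
    for f in /root/.ssh/authorized_keys /home/*/.ssh/authorized_keys; do
        [ -f "$f" ] || continue
        hits="$(cert_authority_principals_lines < "$f" || true)"
        [ -n "$hits" ] && printf '%s:\n%s\n' "$f" "$hits"
    done
    # Either directive means the server trusts user certificates.
    grep -inE '^[[:space:]]*(TrustedUserCAKeys|AuthorizedPrincipalsFile|AuthorizedPrincipalsCommand)' \
        /etc/ssh/sshd_config /etc/ssh/sshd_config.d/*.conf 2>/dev/null
    return 0
}

main() {
    version="$(parse_openssh_version "$(ssh -V 2>&1)")"
    echo "OpenSSH version:        ${version:-unknown}"
    echo "older than 10.3:        $(openssh_before_10_3 "${version:-0.0}")"
    echo "cert-authority/principals hits (empty = none found):"
    scan_host
    echo "sample scan (constructed data):"
    printf '%s\n' "$SAMPLE_AUTHORIZED_KEYS" | cert_authority_principals_lines
}
main
```

A host with no hits from `scan_host` is in the lower-exposure group the advisory describes; hosts with hits are the ones where the OpenSSH update should be treated as a priority. As with Apache, RHEL-family and Debian-family vendors backport OpenSSH fixes without changing the upstream version, so "older than 10.3" means "check the vendor package", not "unpatched".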
References:
Recommended Actions for VPS and Dedicated Server Customers
- Update cPanel/WHM immediately if installed, and confirm the installed cPanel version after running the update.
- Verify Apache is not running vulnerable version 2.4.66, especially where HTTP/2 is enabled.
- Install the latest operating system kernel updates and reboot unless live patching is confirmed.
- Update OpenSSH using vendor packages, especially if SSH certificate authentication is used.
- Review administrative access, including SSH keys, WHM users, API tokens, cron jobs, sudoers rules, and unexpected privileged accounts.
- Confirm backups are current and stored outside the affected server.
Quick Verification Commands
For cPanel / RHEL-family systems:
For Ubuntu / Debian systems:
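As an added example for the quick-verification section above (not a script supplied by WebCare360), the following inventories the four components named in this advisory on either package family. It classifies the host from `/etc/os-release`, prints the cPanel version file where present, lists the installed kernel, Apache (`httpd` or cPanel's `ea-apache24` on RHEL-family, `apache2` on Debian-family) and `openssh-server` packages, and greps each package's vendor changelog for the advisory's CVE ids, which is how you confirm a backported fix when the upstream version number has not changed. The os-release snippets used in the comments are constructed.

```shell
#!/bin/bash
# Added example: inventory the advisory's components and grep vendor
# changelogs for its CVE ids. (Not WebCare360's own script.)

# CVE ids from the advisory table.
CVES="CVE-2026-41940 CVE-2026-31431 CVE-2026-23918 CVE-2026-35414"

# Pure helper: classify os-release contents as "rhel", "debian" or "unknown",
# e.g. ID="almalinux" ID_LIKE="rhel centos fedora" -> rhel (constructed sample).
os_family() {
    ids="$(printf '%s\n' "$1" | sed -n 's/^ID=//p; s/^ID_LIKE=//p' | tr -d '"' | tr '\n' ' ')"
    case " $ids " in
        *" rhel "*|*" fedora "*|*" centos "*|*" almalinux "*|*" rocky "*|*" cloudlinux "*) echo "rhel" ;;
        *" debian "*|*" ubuntu "*) echo "debian" ;;
        *) echo "unknown" ;;
    esac
}

# Installed version of a package, or nothing if it is not installed.
pkg_version() {   # $1 family, $2 package
    case "$1" in
        rhel)   rpm -q "$2" >/dev/null 2>&1 && rpm -q "$2" | sort -V | tail -n1 ;;
        debian) dpkg-query -W -f '${Version}\n' "$2" 2>/dev/null ;;
    esac
    return 0
}

# Exit 0 if the installed package's changelog mentions the CVE: rpm keeps the
# changelog in its database, Debian ships it under /usr/share/doc.
pkg_changelog_mentions() {   # $1 family, $2 package, $3 CVE
    case "$1" in
        rhel)   rpm -q --changelog "$2" 2>/dev/null | grep -q "$3" ;;
        debian) zgrep -q "$3" "/usr/share/doc/$2/changelog.Debian.gz" 2>/dev/null ;;
        *)      return 1 ;;
    esac
}

main() {
    family="$(os_family "$(cat /etc/os-release 2>/dev/null)")"
    echo "os family:      $family"
    echo "running kernel: $(uname -r)"
    # cPanel writes its installed version to this file.
    [ -r /usr/local/cpanel/version ] && echo "cPanel version: $(cat /usr/local/cpanel/version)"
    case "$family" in
        rhel)   pkgs="kernel httpd ea-apache24 openssh-server" ;;
        debian) pkgs="apache2 openssh-server" ;;
        *)      pkgs="" ;;
    esac
    for p in $pkgs; do
        ver="$(pkg_version "$family" "$p")"
        [ -n "$ver" ] || continue
        echo "$p: $ver"
        for cve in $CVES; do
            if pkg_changelog_mentions "$family" "$p" "$cve"; then
                echo "  changelog mentions $cve"
            fi
        done
    done
}
main
```

A package listed without any "changelog mentions" line has no vendor note for the advisory's CVEs yet; compare it against the vendor advisory before treating it as fixed. Debian-family kernels are covered by the kernel check earlier in this advisory rather than here, since their package names carry the version.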
Frequently Asked Questions
Does this advisory affect every WebCare360 customer?
No. Applicability depends on the operating system, installed software, control panel, Apache version, SSH configuration, kernel version, and whether the server is managed or self-managed.
Do unmanaged VPS and dedicated server customers need to patch manually?
Yes. Customers with unmanaged VPS or dedicated servers are responsible for applying updates, rebooting where required, and verifying that vulnerable software versions are no longer installed.
Should cPanel/WHM servers be treated as urgent?
Yes. Servers running vulnerable cPanel/WHM versions should be updated immediately because the cPanel issue is critical and confirmed as actively exploited.
Is a reboot required after kernel updates?
In most cases, yes. A reboot is required after installing a new kernel unless KernelCare or another live patching solution confirms that the relevant CVE has already been patched in memory.
Need Help Securing Your Server?
WebCare360 customers with managed VPS or dedicated server services may contact our support team to confirm patch status, review affected services, or request assistance with security updates. Self-managed server customers should review the advisory above and apply the applicable patches as soon as possible.
Disclaimer: This WebCare360 security advisory is intended as a practical technical summary for hosting administrators, VPS customers, dedicated server customers, and fully managed hosting users. Package names, fixed versions, and patch availability may vary by operating system vendor, repository, and server configuration. Always verify against your vendor’s official advisory and confirm the installed version after applying updates.