SB2025022022 - Multiple vulnerabilities in cPanel EasyApache 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025022022

SB2025022022 - Multiple vulnerabilities in cPanel EasyApache

Published: February 20, 2025

Security Bulletin ID SB2025022022
Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 40% Low 60%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2025-0167)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to application can leak credentials when asked to use a .netrc file for credentials and to follow HTTP redirects. A remote attacker can gain access to sensitive information.


2) Resource management error (CVE-ID: CVE-2025-0665)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the application when built with the threaded resolver. A remote attacker can force the application to wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve


3) Integer overflow (CVE-ID: CVE-2025-0725)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow when handling gzip decompression of content-encoded HTTP responses with the CURLOPT_ACCEPT_ENCODING option using zlib 1.2.0.3 or older. A remote attacker can send specially crafted response to the application, trigger an integer overflow and execute arbitrary code on the target system.



4) Permissions, privileges, and access controls (CVE-ID: CVE-2024-56337)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to incomplete mitigation for #VU101814(CVE-2024-50379) on a case insensitive file system with the default servlet write enabled (readonly initialisation parameter set to the non-default value of false). A remote attacker can upload malicious files to the server and execute them compromising the system.

The mitigation bypass depends on the version of Java used on the system.


5) Improper authentication (CVE-ID: CVE-2025-23419)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an TLS session resumption when handling client certificate authentication. A remote attacker can bypass authentication process and gain unauthorized access to the application.

Successful exploitation of the vulnerability requires that name-based virtual hosts are configured to share the same IP address and port combination and have TLS 1.3 and OpenSSL. This vulnerability arises when TLS session tickets are used and/or the SSL session cache is used in the default virtual server and the default virtual server is performing client certificate authentication.


Remediation

Install update from vendor's website.

References