SB2025091823 - Multiple vulnerabilities in cPanel EasyApache4
Published: September 18, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2025-53859)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary condition in the ngx_mail_smtp_module. A remote attacker can force the server to leak arbitrary bytes sent in a request to the authentication server.
This issue happens during the NGINX SMTP authentication process and requires the attacker to make preparations against the target system to extract the leaked data. The issue affects NGINX only if (1) it is built with the ngx_mail_smtp_module, (2) the smtp_auth directive is configured with method "none," and (3) the authentication server returns the "Auth-Wait" response header.
2) Use of insufficiently random values (CVE-ID: CVE-2025-10148)
The vulnerability allows a remote attacker to perform cache poisoning.
The vulnerability exists due to the websocket code does not update the 32 bit mask pattern for each new outgoing frame as the specification says.Instead it used a fixed mask that persisted and was used throughout the entire connection. As a result, a malicious server can induce traffic between the two communicating parties that can be interpreted by an involved proxy and poison cached content.
Remediation
Install update from vendor's website.