CyberPanel Details

    Organization Logo

    CyberPanel

    Escondido, CA20 employees • Technology

    https://cyberpanel.net
    United States

    Industry

    Technology

    Security Incidents

    1

    CyberPanel is a web hosting control panel that provides users with an intuitive interface to manage their websites and web server environments. It is developed to ease the complexities involved in web hosting and server management, leveraging the open-source capabilities of LiteSpeed Web Server and OpenLiteSpeed. CyberPanel's primary purpose is to deliver a feature-rich, user-friendly, and efficient platform for managing websites, with functionalities tailored for both novice and advanced users. It is designed to host websites, manage databases, and maintain overall server performance with str...
    Show more

    Security Incidents

    CyberPanel Breach of Oct 2024
    Severity Score
    Very High

    Type

    Ransomware Attack

    Summary

    On October 27, a cybersecurity researcher named DreyAnd disclosed two critical vulnerabilities in CyberPanel, a popular web hosting control panel. These vulnerabilities, tracked as CVE-2024-51567 (authentication bypass) and CVE-2024-51568 (command injection), were publicly announced by CyberPanel on October 29 after issuing a security patch. Despite the patch, many servers remained vulnerable due to the previously undisclosed nature of the fix.

    Shortly after the public vulnerability disclosure, a massive ransomware attack using the PSAUX encryptor exploited these flaws. This attack affected n...
    Show more

    Severity

    The CyberPanel incident of October 2024 highlighted a severe cybersecurity breach. A zero-day vulnerability (CVE-2024-51567) in CyberPanel allowed the PSAUX ransomware to infiltrate 22,000 servers rapidly, with the critical flaw receiving a maximum CVSS score of 10/10. Despite patches being distributed post-discovery, the delay in public disclosure led to widespread exploitation. The attack led to a significant impact, disrupting 152,000 domains and databases globally, with the U.S. being hit hardest. Given the scale, the reliance on compromised infrastructure, and the use of a decryptor by re...
    Show more

    Impact

    The incident was a significant ransomware attack leveraging a zero-day vulnerability in CyberPanel, resulting in the compromise of approximately 22,000 servers within a short span. The attack took advantage of an authentication bypass and a command injection vulnerability, leading to the encryption of files by the notorious PSAUX ransomware. Although this primarily impacted system availability, the scale of the attack likely resulted in numerous domains and databases being rendered inaccessible.

    While no customer data exposure has been specifically mentioned, the compromise of so many servers...
    Show more

    KEEP YOUR ENVIRONMENT SECURE

    Weak credentials are the leading cause of breaches. Beyond Identity can help.

    See MFA exploits in action
    Watch how adversaries exploit companies in quick videos