Mrg
- Total activity 27
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 1
- Subscriptions 5
Activity overview
Latest activity by Mrg-
Mrg commented,
many many thanks for the clarification.
-
Mrg commented,
thanks. Sure we know. we use it with ELS and we do manual upgrade and CL6 ELS gets critical updates too. we know and we do upgrades in 2/3 month (due cpanel and centos/cl) we have to migrate it. th...
-
Mrg commented,
Many thanks. We use 11.110.0.50 , last version because of CloudLinux6 , so Cpanel on Cloudlinux6 won't upgrade since 2025-01-15).This is our last "old" Server. All other cpanel Servers are on Cloud...
-
Mrg commented,
Thanks. But: https://support.cpanel.net/hc/en-us/articles/36417624514455-Internal-Article-Local-Privilege-Escalation-Vulnerability-using-the-Team-Manager-API "The exploit does not require any speci...
-
Mrg commented,
Thanks for answer. But do you have a changelog which files are modified by the update? Can you describe the issue in more detail. Due it is a privilege escalation and we do not have any local user...
-
Mrg commented,
sure, but we do not need it. can you say what file was modified? so we can manually disable it or add the mitigation to the file.we do not need manage team. also in cpanel 110 this is beta. we can ...
-
Mrg created a post,
Case SEC-70235: Fix CVE-2025-66429
Case SEC-70235: Fix CVE-2025-66429 - Local privilege escalation vulnerability due to directory traversal in Team Manager API. CVSS Score: 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H...
-
Mrg commented,
Ok, and patch only this file manually? Or delete it, we do not need the password reset. An we safe from the issue if the file is not there , or are other thinks impacted too? And why is it critica...
-
Mrg commented,
sure. but sadly not possible yet. we do this next month.
-
Mrg commented,
any mitigations? or can we manually replace some files to patch? or am we safe because of cloudlinux cagefs ? anything would help. many many thanks.