Privilege-escalation vulnerability in the LiteSpeed User-End cPanel Plugin
From LiteSpeed's Slack channel:
[URGENT — Security Advisory]
A privilege-escalation vulnerability has been identified in the LiteSpeed
User-End cPanel Plugin. This issue is being actively exploited in the wild.
Affected: LiteSpeed User-End cPanel Plugin
Not affected: LiteSpeed WHM Plugin (the parent plugin)
Status: Fix in progress. This advisory will be updated when a patched
version is released.
ACTION REQUIRED (immediately):
Remove the LiteSpeed User-End cPanel Plugin and disable its auto-install.
Either method below is sufficient:
Option A — WHM UI
In the LiteSpeed WHM plugin, click the user-end plugin's "Disable" /
"Uninstall" button, then turn "Auto Install" OFF.
Option B — Command line (as root)
/usr/local/lsws/admin/misc/lscmctl cpanelplugin --uninstall
/usr/local/lsws/admin/misc/lscmctl cpanelplugin --autoinstall 0
After running these steps, the user-end plugin will no longer be present
on existing accounts and will not be re-installed on new ones.
We will follow up as soon as the patched version is available. Please
contact LiteSpeed support if you need assistance.