Critical cPanel & WHM Authentication Bypass Vulnerability Exploited as Zero-Day for Months

A critical authentication bypass vulnerability in cPanel & WHM has been exploited as a zero-day for months, allowing attackers to gain administrative access to vulnerable servers. The flaw specifically enables unauthorized users to bypass authentication mechanisms and take control of affected systems. No specific CVE ID, technical details, or exact timeline for the exploitation period were provided in the report. The vulnerability affects cPanel & WHM, a widely used web hosting control panel platform. The impact includes full administrative compromise of servers running the software. No mitigation steps or patches were mentioned in the available content.