Posts Tagged ‘Plesk’

Plesk Zero-Day Exploit

Plesk Zero-Day Exploit

Published zero-day exploit to attack the system with Plesk control panel

More than 360,000 Apache websites imperiled by critical Plesk vulnerability

Publicly available attack code exploits remote-code bug in Plesk admin panel and  allows execution of arbitrary code on the web-servers that are running Plesk (the web hosting control panel).

The problem is tested on systems with Plesk 8.6, 9.0, 9.2, 9.3 and 9.5.4 running under Linux and FreeBSD (other systems have not been tested and may also vulnerable). The vulnerability remains unpatched. According to preliminary estimates, the Web is about 360,000 potentially vulnerable servers on which the panel is installed Plesk. (more…)