- ResolvedResolved
All servers have been patched. If you are experiencing any issues moving forward, please contact Technical Support.
- IdentifiedIdentified
Update: cPanel released a patch a few minutes ago. We're verifying it and rolling it out to all affected servers. Access should be restored within the next hour.
- InvestigatingInvestigating
Status: Investigating / Mitigation in place
cPanel has disclosed a critical authentication vulnerability affecting all currently supported versions of cPanel & WHM. No patch is available at this time.
As a precaution, and following cPanel's own guidance, we have temporarily blocked external access to the following ports across our shared and reseller hosting fleet:
2083 / 2087 — cPanel & WHM (SSL)
2082 / 2086 — cPanel & WHM (non-SSL)
2095 / 2096 — Webmail
2077 / 2078 — Webdisk (where enabled)
Impact: Customers will be unable to log in to cPanel, WHM, or Webmail via the browser until the restriction is lifted. Websites, email delivery (SMTP/IMAP/POP), DNS, and databases are not affected and continue to operate normally.
What we're doing: We are monitoring cPanel's advisory channel and will deploy the official patch across all affected servers as soon as it is released, after which access will be restored. If you require urgent access to your cPanel account in the meantime, please open a ticket with our support team and we can assist on a case-by-case basis.
We apologise for the inconvenience and appreciate your patience while we prioritise the security of your data and infrastructure.
Update: cPanel released a patch a few minutes ago. We're verifying it and rolling it out to all affected servers. Access should be restored within the next hour.