Apache HTTP Server Configuration Injection in cPanel (SEC-416)

Apache HTTP Server Configuration Injection in cPanel (SEC-416)

CVE-2018-20885 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

cPanel before 74.0.0 allows Apache HTTP Server configuration injection because of DocumentRoot variable interpolation (SEC-416).

Learn more about our Cis Benchmark Audit For Apache Http Server.