World-readable archive vulnerability in cPanel before 68.0.27 (SEC-355)

World-readable archive vulnerability in cPanel before 68.0.27 (SEC-355)

CVE-2018-20946 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script (SEC-355).

Learn more about our Web Application Penetration Testing UK.