## https://sploitus.com/exploit?id=36AAEAF3-4B32-5BE1-817C-7C65B5B446FE
# CVE-2026-48172 - LiteSpeed cPanel Plugin Vulnerability Auditor
[](https://opensource.org/licenses/MIT)
[](https://www.python.org/)
This repository contains a local security compliance and auditing tool designed to detect vulnerable installations of the LiteSpeed User-End cPanel Plugin affected by **CVE-2026-48172**.
The goal of this project is to assist System Administrators and Security Engineers in identifying and remediating assets before malicious exploitation occurs.
---
## ๐ Vulnerability Overview
- **CVE ID**: CVE-2026-48172
- **Severity**: 9.8 CRITICAL (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
- **Weakness**: CWE-266 (Incorrect Privilege Assignment)
- **Affected Components**: LiteSpeed User-End cPanel Plugin (Versions prior to **2.4.7**) and LiteSpeed WHM Plugin (Versions prior to **5.3.1.0**).
- **Description**: The plugin mishandles the Redis enable/disable features (`redisAble`), which allows for incorrect privilege assignment, potentially leading to unauthorized privilege escalation to root.
---
## ๐ ๏ธ Features
- **Local Version Audit**: Safely inspects internal configuration paths and cPanel addon metadata to determine the active plugin version.
- **Zero Invasiveness**: Does not interact with web endpoints or send any network payloads.
- **Remediation Guidance**: Provides immediate visibility into whether the current version satisfies the vendor's minimum secure release.
---
## ๐ Getting Started
### Prerequisites
- Python 3.8 or higher installed on the target cPanel server.
- Root or administrative privileges on the host to read standard application directory paths.
### Installation & Usage
1. Clone the repository locally on the server:
```bash
git clone [https://github.com/yourusername/CVE-2026-48172-Auditor.git](https://github.com/yourusername/CVE-2026-48172-Auditor.git)
cd CVE-2026-48172-Auditor