Share
## https://sploitus.com/exploit?id=36AAEAF3-4B32-5BE1-817C-7C65B5B446FE
# CVE-2026-48172 - LiteSpeed cPanel Plugin Vulnerability Auditor

[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
[![Python Version](https://img.shields.io/badge/Python-3.8%2B-blue.svg)](https://www.python.org/)

This repository contains a local security compliance and auditing tool designed to detect vulnerable installations of the LiteSpeed User-End cPanel Plugin affected by **CVE-2026-48172**. 

The goal of this project is to assist System Administrators and Security Engineers in identifying and remediating assets before malicious exploitation occurs.

---

## ๐Ÿ” Vulnerability Overview

- **CVE ID**: CVE-2026-48172
- **Severity**: 9.8 CRITICAL (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
- **Weakness**: CWE-266 (Incorrect Privilege Assignment)
- **Affected Components**: LiteSpeed User-End cPanel Plugin (Versions prior to **2.4.7**) and LiteSpeed WHM Plugin (Versions prior to **5.3.1.0**).
- **Description**: The plugin mishandles the Redis enable/disable features (`redisAble`), which allows for incorrect privilege assignment, potentially leading to unauthorized privilege escalation to root.

---

## ๐Ÿ› ๏ธ Features

- **Local Version Audit**: Safely inspects internal configuration paths and cPanel addon metadata to determine the active plugin version.
- **Zero Invasiveness**: Does not interact with web endpoints or send any network payloads.
- **Remediation Guidance**: Provides immediate visibility into whether the current version satisfies the vendor's minimum secure release.

---

## ๐Ÿš€ Getting Started

### Prerequisites

- Python 3.8 or higher installed on the target cPanel server.
- Root or administrative privileges on the host to read standard application directory paths.

### Installation & Usage

1. Clone the repository locally on the server:
   ```bash
   git clone [https://github.com/yourusername/CVE-2026-48172-Auditor.git](https://github.com/yourusername/CVE-2026-48172-Auditor.git)
   cd CVE-2026-48172-Auditor