## https://sploitus.com/exploit?id=CF7F5C86-A14A-5266-BBE6-6FBEB8CD6898
# CVE-2026-41940 - cPanel2Shell
> Interactive exploitation tool for **CVE-2026-41940**
---
## What is CVE-2026-41940?
**cPanel2Shell** exploits a critical Authentication Bypass flaw in **cPanel & WHM**.
The vulnerability is caused by a **CRLF injection** in the login/session handling mechanism,
allowing an unauthenticated attacker to bypass authentication entirely: no password, no phishing.
If the target runs **cPanel/WHM > v11.40** or **WP Squared**, it may be vulnerable.
> **CVSS Score: 9.8 (Critical)**: pre-auth, remotely exploitable
> ~1.5 million cPanel instances exposed on the internet
---
## Disclaimer
For **educational and authorized pentesting purposes only.**
The author is not responsible for any misuse or damage caused by this tool.
---
## Installation
```bash
git clone https://github.com/yurahshell/CVE-2026-41940
cd CVE-2026-41940
pip install -r requirements.txt
```
---
## Affected Versions
| Software | Affected Versions |
|----------------|---------------------------|
| cPanel & WHM | All versions after v11.40 |
| WP Squared | v136.1.7 and below |
---
## References
- [NVD - CVE-2026-41940](https://nvd.nist.gov/vuln/detail/CVE-2026-41940)
- [watchTowr Technical Analysis](https://watchtowrlabs.com)
- [Rapid7 ETR](https://www.rapid7.com/blog/post/etr-cve-2026-41940-cpanel-whm-authentication-bypass/)
- [CISA KEV Catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog)