// SECURITY INCIDENT
cPanel & WHM auth bypass hits hosts
CVE-2026-41940 is a critical authentication bypass in cPanel & WHM's login/session flow that can let unauthenticated attackers reach WHM and take over hosted servers. cPanel has shipped fixed builds, and the incident is being treated as an emergency for internet-exposed panels.
// ANALYSIS
This is a management-plane compromise, not just another web app bug: if WHM falls, the attacker can inherit control over every site, database, and account on that server.
- The vulnerability appears to stem from CRLF injection in session handling, which makes it especially dangerous because it undermines the trust boundary before any admin access has been established
- cPanel's advisory and third-party research both point to immediate patching as the only real fix; workarounds such as blocking panel ports are stopgaps, not a finish line
- The blast radius is large because cPanel is common in shared hosting, so one compromised host can expose many downstream customer sites at once
- Rapid7 and NVD both frame this as an unauthenticated remote takeover issue with CVSS 9.8 severity, so defenders should treat exposed instances as high-priority assets
- Operationally, this is a reminder that hosting control panels are crown-jewel infrastructure and deserve tighter network restriction, log review, and incident response playbooks
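As an added illustration of the bug class named above (CRLF injection in session handling), the Python below is not cPanel code and assumes nothing about the real flaw beyond its category: it contrasts a session header built by plain concatenation with a hardened builder that rejects control characters, and adds a detector for percent-encoded CR/LF in access-log request fields. The token format, paths and log lines are constructed assumptions.

```python
import re
from urllib.parse import unquote

# Characters that must never appear inside one HTTP header value.
_CTL = re.compile(r"[\r\n\x00]")
# Hypothetical allow-list for the opaque session token shape this example assumes.
_TOKEN = re.compile(r"^[A-Za-z0-9_-]{16,128}$")

# Constructed access-log lines (combined log format); the second carries
# percent-encoded CR/LF in its request target.
SAMPLE_LOGS = [
    '203.0.113.7 - - [02/May/2026:10:00:00 +0000] "GET /login?next=%2Fhome HTTP/1.1" 200 512',
    '203.0.113.8 - - [02/May/2026:10:00:01 +0000] "GET /login?next=%0d%0aX-Injected:%201 HTTP/1.1" 302 0',
]

def build_session_header_unsafe(session_id: str) -> str:
    """Vulnerable pattern: an untrusted value is concatenated straight into a header line."""
    return f"Set-Cookie: session={session_id}; HttpOnly; Secure"

def build_session_header_safe(session_id: str) -> str:
    """Hardened form: reject control characters, then enforce the expected token shape."""
    if _CTL.search(session_id):
        raise ValueError("control character in session id")
    if not _TOKEN.match(session_id):
        raise ValueError("session id does not match the expected token format")
    return f"Set-Cookie: session={session_id}; HttpOnly; Secure"

def header_line_count(header: str) -> int:
    """Number of header lines a receiver would parse; a single header must yield 1."""
    return len(header.split("\r\n"))

def accepts_session_id(session_id: str) -> bool:
    """True if the hardened builder accepts the value, False if it rejects it."""
    try:
        build_session_header_safe(session_id)
        return True
    except ValueError:
        return False

def flag_crlf_requests(log_lines):
    """Detection: return log lines whose quoted request field contains CR, LF or NUL
    after one round of percent-decoding."""
    flagged = []
    for line in log_lines:
        m = re.search(r'"([^"]*)"', line)  # first quoted field is the request line
        if m and _CTL.search(unquote(m.group(1))):
            flagged.append(line)
    return flagged
```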
// TAGS
cpanel-whm, security, infrastructure, hosted-service, self-hosted
DISCOVERED
2026-05-02
PUBLISHED
2026-05-02
RELEVANCE
8/10
AUTHOR
Better Stack