CVE-2026-29201
Arbitrary File Read in Adminbin via Feature File Name
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: HackerOne
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cpanel | whm | From 11.136.0.9 (inc) |
| wp_squared | wp_squared | From 11.136.1.10 (inc) |
| cpanel | whm | v110.0.114 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an input-validation flaw (CWE-20) in the feature file name parameter of the `feature::LOADFEATUREFILE` adminbin call. Adminbin calls are the interface through which cPanel's unprivileged, user-facing code asks a privileged helper to perform an operation on its behalf, so the file is opened with the helper's privileges, not the caller's. The call accepted a feature file name without confirming that it resolved to a file inside the intended location, so a relative path supplied in that parameter could point the helper at an arbitrary file on the system and return its contents to the caller, that is, files the requesting account should not be able to read.
How can this vulnerability impact me?
An attacker who can issue this adminbin call could read arbitrary files on the affected system. That exposes sensitive information and system files that the requesting account is not authorised to see, and on a multi-tenant hosting server it crosses the boundary between accounts.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is an arbitrary file read via the `feature::LOADFEATUREFILE` adminbin call when a relative file path is passed, so detection comes down to establishing whether the installed cPanel & WHM build predates the fix. This tells you about exposure only; the page lists no indicators of exploitation.
Check the installed version with:
- /usr/local/cpanel/cpanel -V
The same version string is stored in /usr/local/cpanel/version. Compare it against the fixed builds listed above: on the current release branch, anything older than 11.136.0.9 (11.136.1.10 for WP Squared) may be vulnerable; on the v110 long-term support branch, anything older than 110.0.114 may be vulnerable. The command reports the version with the historical `11.` prefix, so 11.110.0.114 and v110.0.114 refer to the same build.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update your cPanel & WHM installation to a patched build. Servers with automatic updates enabled receive it on their next scheduled update run; to apply it immediately:
- Run the update: /scripts/upcp --force
- Verify the result: /usr/local/cpanel/cpanel -V
upcp installs the latest build of the release tier the server is configured for, so if the version does not change after the run, check the tier in WHM's Update Preferences. If the server's operating system cannot run the current release branch, update to v110.0.114 on the long-term support branch instead.
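As an added example (not part of this advisory page and not a cPanel tool), the following POSIX shell script automates the version check used for detection and for post-update verification. It normalises the string printed by `/usr/local/cpanel/cpanel -V` (which carries the historical `11.` prefix, or a `v` prefix when copied from release notes) and compares it field by field against the fix versions listed on this page. It assumes that the table's entries (11.136.0.9; 11.136.1.10 for WP Squared; 110.0.114 on the v110 long-term support branch) are the first patched builds, which is how the guidance above reads them; release branches the page does not list are reported as unknown rather than guessed. The fallback version used when no cPanel installation is present is a constructed sample.

```shell
#!/bin/sh
# Added example: classify an installed cPanel & WHM build against the
# CVE-2026-29201 fix versions listed on this page. Hypothetical helper,
# not a cPanel script.

# First patched build per release branch.
# ASSUMPTION: the page's "From X (inc)" entries are the first fixed
# builds, matching the guidance that versions older than 11.136.0.9
# may be vulnerable.
fixed_version_for_branch() {
  case "$1" in
    136.0) echo "136.0.9" ;;    # cPanel & WHM 136 (listed as 11.136.0.9)
    136.1) echo "136.1.10" ;;   # WP Squared 136 (listed as 11.136.1.10)
    110.0) echo "110.0.114" ;;  # v110 long-term support branch
    *)     return 1 ;;          # branch not covered by this page
  esac
}

# `/usr/local/cpanel/cpanel -V` and /usr/local/cpanel/version report the
# build with a historical "11." prefix (e.g. 11.136.0.9); release notes
# use a "v" prefix (v110.0.114). Strip both so that all forms compare equal.
normalize_version() {
  v=$(printf '%s' "$1" | tr -d '[:space:]')
  case "$v" in v*) v="${v#v}" ;; esac
  case "$v" in 11.*) v="${v#11.}" ;; esac
  printf '%s\n' "$v"
}

# Field-by-field numeric comparison of dotted versions; prints lt, eq or gt.
# A plain string compare would rank 136.0.9 above 136.0.10, which is why
# each field is compared as an integer. Missing trailing fields count as 0.
version_cmp() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    fa=${a%%.*}; fb=${b%%.*}
    case "$a" in *.*) a=${a#*.} ;; *) a='' ;; esac
    case "$b" in *.*) b=${b#*.} ;; *) b='' ;; esac
    fa=${fa:-0}; fb=${fb:-0}
    if [ "$fa" -lt "$fb" ]; then echo lt; return 0; fi
    if [ "$fa" -gt "$fb" ]; then echo gt; return 0; fi
  done
  echo eq
}

# Prints "vulnerable", "patched" or "unknown" for one version string.
cve_2026_29201_status() {
  v=$(normalize_version "$1")
  case "$v" in
    ''|*[!0-9.]*) echo unknown; return 0 ;;   # not a dotted numeric version
  esac
  branch=$(printf '%s' "$v" | cut -d. -f1,2)   # e.g. 136.0.9 -> 136.0
  if ! fixed=$(fixed_version_for_branch "$branch"); then
    echo unknown; return 0
  fi
  if [ "$(version_cmp "$v" "$fixed")" = lt ]; then
    echo vulnerable
  else
    echo patched
  fi
}

# On a cPanel host read the real version; elsewhere fall back to a
# constructed sample (one build before the fix) so the script runs offline.
installed_version() {
  if [ -x /usr/local/cpanel/cpanel ]; then
    /usr/local/cpanel/cpanel -V
  elif [ -r /usr/local/cpanel/version ]; then
    cat /usr/local/cpanel/version
  else
    echo "11.136.0.8"   # constructed sample, not a real host's output
  fi
}

ver=$(installed_version)
printf 'cPanel & WHM %s: %s (CVE-2026-29201)\n' "$ver" "$(cve_2026_29201_status "$ver")"
```

Run it once before `/scripts/upcp --force` and once after; the second run should report `patched`. A result of `unknown` means the installed branch is not one the page lists, so the answer has to come from the vendor's advisory rather than from this script.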
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows arbitrary file read through insufficient input validation, potentially exposing sensitive files to unauthorized access.
Such unauthorized disclosure of sensitive information could lead to non-compliance with data protection regulations like GDPR and HIPAA, which require strict controls over access to personal and protected health information.
Therefore, if exploited, this vulnerability may compromise confidentiality obligations under these standards.