fevar54/CVE-2026-48172---LiteSpeed-cPanel-Plugin-Version-Auditor
# CVE-2026-48172 - LiteSpeed cPanel Plugin Vulnerability Auditor
This repository contains a local security compliance and auditing tool designed to detect vulnerable installations of the LiteSpeed User-End cPanel Plugin affected by **CVE-2026-48172**.
The goal of this project is to assist System Administrators and Security Engineers in identifying and remediating assets before malicious exploitation occurs.
## 🔍 Vulnerability Overview
- **CVE ID**: CVE-2026-48172
- **Severity**: 9.8 CRITICAL (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
- **Weakness**: CWE-266 (Incorrect Privilege Assignment)
- **Affected Components**: LiteSpeed User-End cPanel Plugin (Versions prior to **2.4.7**) and LiteSpeed WHM Plugin (Versions prior to **5.3.1.0**).
- **Description**: The plugin mishandles the Redis enable/disable features (`redisAble`), which allows for incorrect privilege assignment, potentially leading to unauthorized privilege escalation to root.
## 🛠️ Features
- **Local Version Audit**: Safely inspects internal configuration paths and cPanel addon metadata to determine the active plugin version.
- **Zero Invasiveness**: Does not interact with web endpoints or send any network payloads.
- **Remediation Guidance**: Provides immediate visibility into whether the current version satisfies the vendor's minimum secure release.
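
The version comparison behind the audit and remediation features above, as an added example (not this repository's code). It checks a version string against the minimum fixed releases listed in the overview; the component keys and sample version strings are constructed for illustration, and reading the installed version from disk is left out.

```python
import re
from typing import Optional, Tuple

# Minimum fixed releases as stated in the Vulnerability Overview.
# The dictionary keys are hypothetical labels chosen for this example.
MIN_FIXED = {
    "cpanel_user_plugin": "2.4.7",
    "whm_plugin": "5.3.1.0",
}

def parse_version(text: str) -> Optional[Tuple[int, ...]]:
    """Parse a dotted numeric version; return None if it is not purely numeric."""
    m = re.fullmatch(r"\s*v?(\d+(?:\.\d+)*)\s*", text)
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).split("."))

def _pad(a: Tuple[int, ...], b: Tuple[int, ...]):
    """Right-pad with zeros so 5.3.1 and 5.3.1.0 compare as equal."""
    n = max(len(a), len(b))
    return a + (0,) * (n - len(a)), b + (0,) * (n - len(b))

def audit(component: str, installed: str) -> str:
    """Return 'VULNERABLE', 'PATCHED' or 'UNKNOWN' for one component."""
    if component not in MIN_FIXED:
        return "UNKNOWN"
    have = parse_version(installed)
    if have is None:
        # Do not guess on suffixes or empty strings: flag for manual review.
        return "UNKNOWN"
    have, need = _pad(have, parse_version(MIN_FIXED[component]))
    return "VULNERABLE" if have < need else "PATCHED"

if __name__ == "__main__":
    # Constructed sample inputs, not output from a real host.
    samples = [
        ("cpanel_user_plugin", "2.4.6"),
        ("cpanel_user_plugin", "2.4.10"),  # numeric, not string, comparison
        ("whm_plugin", "5.3.1"),           # shorter than the fixed version
        ("whm_plugin", "5.3.0.9"),
        ("cpanel_user_plugin", "2.4.7-beta"),
    ]
    for component, version in samples:
        print(f"{component:20} {version:12} {audit(component, version)}")
```

Comparing versions as integer tuples avoids the string-comparison error where `2.4.10` sorts before `2.4.7`, and an unparseable value is reported as `UNKNOWN` rather than treated as patched.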
## 🚀 Getting Started
### Prerequisites
- Python 3.8 or higher installed on the target cPanel server.
- Root or administrative privileges on the host to read standard application directory paths.
### Installation & Usage
1. Clone the repository locally on the server:
   ```bash
   git clone https://github.com/yourusername/CVE-2026-48172-Auditor.git
   cd CVE-2026-48172-Auditor
   ```