Full Version: cPanel critical vulnerability
phiber
A vulnerability was discovered in the File Manager of cPanel WysiwygPro editor. Any file hosted on a cPanel server with File Manager editor can be edited without any authorization.

Workaround
chmod 000 /usr/local/cpanel/3rdparty/WysiwygPro

I've posted the full article with a quick workaround (Proof of concept disclosed).

edit: do not go to my site!
eddy2099
Thanks for taking the time to post this.
Blue|Fusion
The current builds in EDGE have already fixed this issue. I suspect it will take a while for them to get it to the higher trees considering how many changes they made (and are still making) in recent days.

I did, and support doing, the above change for all cPanel boxes using a tree other than EDGE.
klaude
Thanks for the heads up!
xenneo
Thanks for the heads up
alias
Thanks, keep updating new tips plz....
Jeff
Has this been fixed in the stable builds yet?
LFCII
Hi,

I am not saying this caused my problem but I ran the chmod command (cut and paste) and logged out. I then went to log back in a couple of moments later and could not. It appears my ssh has failed right after doing the workaround. I tried to restart it using WHM and it starts and then fails again. Any idea why?

Kind Regards,
Les
klaude
That chmod command shouldn't affect your SSHD server in any way. Have you opened a support ticket on the failing ssh server?
phiber
QUOTE (LFCII)
Hi,
Any idea why?
Kind Regards,
Les


This workaround, like klaude said, has got nothing to do with sshd. Something else is troubling you. If you want me to try and fix the sshd issue for free drop me a PM and save a few bucks.
