Dear Customers,
We regret to inform you that a critical security vulnerability has been identified in cPanel software affecting all currently supported versions. This vulnerability relates to an authentication login exploit that could allow unauthorized access to the control panel.
As an immediate precautionary measure, we have applied a firewall rule to block access to TCP ports 2083 and 2087. Please note that this will temporarily restrict access to your cPanel and WHM interfaces until a full patch is available.
Maintenance window: Ongoing until an official patch is released by cPanel.
Possible impact: Access to cPanel/WHM control panels, functionality of Webmail, Webdisk, and SSL connections will be unavailable during this period
Affected services: cPanel and WHM access, SSL and non-SSL connections, Webmail, and Webdisk.
Our team is actively monitoring the situation and will apply the official patch across all supported servers as soon as it becomes available. Access to your control panels will be restored immediately once the patch has been successfully deployed.
We sincerely apologize for the inconvenience this may cause and thank you for your patience and understanding as we work to protect the security of your services.
Kind regards,
Namecheap Support Team
Update @ 3:45 PM EDT | 19:45 UTC
The maintenance has started.
Update @ 6:35 PM EDT | 22:35 UTC
We are glad to let you know that cPanel has released a patch note with the fix, and we are already in the process of applying it. The ETA is around 2-3 hours. Your patience is highly appreciated.