CVE-2025-66429

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

11/12/2025

Last modified:

11/12/2025

Description

An issue was discovered in cPanel 110 through 132. A directory traversal vulnerability within the Team Manager API allows for overwrite of an arbitrary file. This can allow for privilege escalation to the root user.

Impact

References to Advisories, Solutions, and Tools

https://docs.cpanel.net/changelogs/126-change-log/
https://docs.cpanel.net/release-notes/release-notes/