Patching a WHMCS zero day on day zero
On October 3, 2013, a critical zero-day vulnerability was discovered affecting hosting providers using WHMCS. To enhance web security, CloudFlare introduced a ruleset in their Web Application Firewall (WAF) to block the identified attack vector. By enabling the WHMCS Ruleset and following best practices, hosting partners utilizing CloudFlare's WAF can effectively protect themselves from this vulnerability. WHMCS promptly released a patch for the issue at blog.whmcs.com/?t=79427. It is recommended to apply the patch or update WHMCS to version 5.2.8 to address this security concern.
Company
Cloudflare
Date published
Oct. 3, 2013
Author(s)
Dane Knecht
Word count
98
Language
English
Hacker News points
None found.