CVE-2004-1769
CVE-2004-1769 is a critical-severity vulnerability in Cpanel with a CVSS 2.0 base score of 10.0. Its EPSS exploit-prediction score of 30% places it in the 98th percentile, indicating an elevated likelihood of exploitation.
Key facts
- Severity: Critical (CVSS 2.0 base score 10.0)
- EPSS exploit prediction: 30% (98th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Cpanel
- Published:
- Last modified:
Description
The "Allow cPanel users to reset their password via email" feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows remote attackers to execute arbitrary code via the user parameter to resetpass.
Frequently asked questions
- What is CVE-2004-1769?
- The "Allow cPanel users to reset their password via email" feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows remote attackers to execute arbitrary code via the user parameter to resetpass.
- How severe is CVE-2004-1769?
- CVE-2004-1769 has a CVSS 2.0 base score of 10.0, rated critical severity.
- Is CVE-2004-1769 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 30% (98th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2004-1769?
- CVE-2004-1769 primarily affects Cpanel. In total, 12 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2004-1769?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its critical severity, prioritise patching exposed systems.
- When was CVE-2004-1769 published?
- CVE-2004-1769 was published on 2004-03-11 and last updated on 2026-06-16.
References
- http://marc.info/?l=bugtraq&m=107904890724201&w=2
- http://secunia.com/advisories/11111
- http://www.kb.cert.org/vuls/id/831534
- http://www.securityfocus.com/archive/1/357064/2004-03-08/2004-03-14/0
- http://www.securityfocus.com/bid/9848
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15443
Affected products (12)
- cpe:2.3:a:cpanel:cpanel:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:cpanel:cpanel:5.3:*:*:*:*:*:*:*
- cpe:2.3:a:cpanel:cpanel:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:cpanel:cpanel:6.2:*:*:*:*:*:*:*
- cpe:2.3:a:cpanel:cpanel:6.4:*:*:*:*:*:*:*
- cpe:2.3:a:cpanel:cpanel:6.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:cpanel:cpanel:6.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:cpanel:cpanel:6.4.2_stable_48:*:*:*:*:*:*:*
- cpe:2.3:a:cpanel:cpanel:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:cpanel:cpanel:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:cpanel:cpanel:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:cpanel:cpanel:9.1:*:*:*:*:*:*:*
More vulnerabilities in Cpanel
- CVE-2004-1770 — Critical (CVSS 10.0): The login page for cPanel 9.1.0, and possibly other versions, allows remote attackers to execute arbitrary code via…
- CVE-2003-1425 — Critical (CVSS 10.0): guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter.
- CVE-2026-41940 — Critical (CVSS 9.8): cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows…
- CVE-2020-26108 — Critical (CVSS 9.8): cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488).
- CVE-2020-26105 — Critical (CVSS 9.8): In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).
- CVE-2020-26101 — Critical (CVSS 9.8): In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).