vePortal security issues

vePortal security issues

vePortal has known about the flaws for several months now and hasn’t taken any real steps into getting them resolved. A leading server management and security company Rack911 had discovered many vePortal security issues however there were never fixed. Also, we could not see any latest release announcement on vePortal website.

WHMCS Complete Billing and Support

If your business depends on vePortal then you are at an extremely high risk of being compromised due to a significant amount of un-patched security vulnerabilities within the product. Currently vePortal security issues are not published publically. If it is someone post them then it will be zero day exploite. As per Rack911 it is possible to gain admin / root access without having account within vePortal.

There is an ongoing discussion on this matter at WebHostingTalk forum.

http://www.webhostingtalk.com/showthread.php?t=1362136

If is highly recommend to move to other VPS control panel before vePortal security issues are published.

Posted in Security.