The security hole in WhmCS template is pretty large and could allow a hacker to compromise the entire domain.
The security breach comes to light when an attacker tries to send a request for a template that uses an unencrypted SMTP connection to a server running WhmCs template.
When the request is made, the server fails to connect to a valid SMTP server, and WhmCsv fails to parse the request.
In a followup email, WhmSvc attempts to verify the email account by connecting to the SMTP host, which the attacker successfully does.
This email, however, fails to authenticate, and a user is then redirected to the URL of an exploit tool that allows an attacker to remotely compromise the domain.
This is the first security breach reported to WhmTech, which has issued a patch to fix the vulnerability, which is already being used by many WhmSys users.
The vulnerability was first discovered in the early hours of December 13th, 2017, when the attacker sent a request to WhsCsv.com to get a template.
It is not clear what the template provider, Whomcs, provided to the attacker.
Whmc’s template, which can be found on the WhmCat security platform, allows users to send emails and sign in to a website with an unauthenticated SMTP email account, which allows an unsecure password to be sent to the site.
When a user attempts to sign in using a password that the template does not have, WhsCs template will not connect to the server, leading to the request being rejected.
Whscs template is not the only template provider that uses SMTP for SMTP connections.
Other popular SMTP providers, such as Thunderbird and MailChimp, use SMTP to connect users to websites, but the latter provider also uses SMTTP for all requests.
WhcSvc, which was previously a Whmcats secure template, has been removed from Whmcat and is now listed as the default template provider on WhmChats.com.
A user attempting to send an email using Whscat’s template will see an error message that says the email should not be sent.
However, the email is sent.
In addition, the template is still usable by the attacker, who can send an exploit script to WhmsCat.com, which will execute and infect the domain with a malicious file called wget.txt.
This exploit can be used to steal credentials from the domain, but it will not allow a user to log in or remotely execute commands.
Whamcat has patched the issue and WhamCS template users will be able to send email with the SMTPD password, but not sign in.
This update is also available to Whamcats security-focused customers.
This post is updated with additional details and information about the security issue.