A critical security vulnerability has been discovered in Parallels Plesk that allows attackers to gain administrative access to the server through the web interface.
Affected Versions
Various versions of Parallels Plesk Panel are affected. We strongly recommend updating to the latest available version.
Severity of the Vulnerability
The vulnerability allows:
- Unauthenticated access to the Plesk Panel
- Execution of commands with root privileges
- Access to customer data and configurations
Actions Taken by INGATE
Managed Server Customers
All Managed Servers running Plesk have been immediately updated to the patched version. Additionally, we have restricted access to the Plesk Panel via firewall.
Root Server Customers
We strongly recommend:
- Update Plesk via the Parallels Installer
- Restrict access to the Plesk Panel via firewall
- Check your logs for suspicious access attempts
For questions or support needs, contact us at info@ingate.de.
