Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

WHMCS Security Issue : 26 Feb 2021
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

WHMCS Security Issue : 26 Feb 2021

XiNiXXiNiX Member, Host Rep
in General

Source : https://blog.whmcs.com/133679/security-update-2021-02-26

A security issue has been identified that affects all versions of WHMCS.

As a result, we have published new releases for all actively supported versions of WHMCS as well as a patch which can be applied to EOL versions 7.7, 7.8 and 7.9. Patches will not be released for any earlier versions of WHMCS.

The issue was reported via our Security Bounty Program and there is no evidence to suggest it is known publicly. We will not be releasing any further details about the issue at this time.

What should I do?
Users of WHMCS 7.10, 8.0 or 8.1 can upgrade to resolve the issue either manually or using the Automatic Updater. We recommend using the Automatic Updater.

Users of WHMCS 7.7, 7.8 and 7.9 can download and apply the patch which has been made available.

Users of WHMCS 7.6 and earlier are recommended to update to WHMCS 7.10 or later.

It is recommended that you upgrade or apply the appropriate patch as soon as possible.

Detailed Instructions
Automatic Update Steps [for users of 7.10, 8.0 and 8.1]
1. Login to your WHMCS Admin Area
2. Navigate to Utilities > Update WHMCS
3. Click Configure Update Settings
4. Select the 'Current Version' Update Channel, then hit Save Changes
5. Click Check Now to check for updates
6. When the check completes, click the Update Now button and follow the wizard based steps

Manual Update Steps [for users of 7.10, 8.0 and 8.1]
1. Visit https://download.whmcs.com/
2. If you are running the immediately preceding version, you can update using the Incremental Patch Set. Select this tab and then choose the appropriate patch for your given version.
3. If you are running any earlier version of WHMCS, you will need to download and update using the full release package for your desired version.
4. Once you have downloaded the appropriate update file, follow the steps within the Readme file to perform the update process.

Patch Steps [for users of 7.7, 7.8 and 7.9]
1. Download the patch here: https://www.whmcs.com/download/1505/security_patch_77_78_79_2021-02-26.zip
2. Extract the files from the zip folder download
3. Upload the files to the root directory of your WHMCS installation to complete the process
(NOTE: Since this is a patch level update only, there will be no visible change in version number reflected within your WHMCS installation)

Thanked by 1niceboy

Comments

Sign In or Register to comment.