[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":143,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":150,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":156,"vulnerability-29304":163},[4,15,20,28,34,41,46,53,59,66,71,78,83,90,96,106,112,119,124,130,135],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"Compliance - Advanced Pentest Reporting (A-B test)","compliance-advanced-pentest-reporting-1","Stop piecing together reports manually. Upgrade today to unlock instant proof for audits.","https://pentest-tools.com/pricing",false,[11],"/features/advanced-pentest-reporting","Unlock audit-ready reports","primary",null,{"title":16,"slug":17,"text":18,"link":8,"external":9,"targets":19,"cta":12,"variant":13,"campaign_id":14},"Compliance - Advanced Pentest Reporting","compliance-advanced-pentest-reporting","Prove your compliance. Get built-in validation with audit-ready reports.",[11],{"title":21,"slug":22,"text":23,"link":8,"external":9,"targets":24,"cta":26,"variant":27,"campaign_id":14},"Compliance - Integrations (A-B test)","compliance-integrations-1","Disconnected tools will fail your next audit. Unlock the integrations needed for compliance.",[25],"/features/integrations","Connect your stack","secondary",{"title":29,"slug":30,"text":31,"link":8,"external":9,"targets":32,"cta":33,"variant":13,"campaign_id":14},"Compliance - Integrations","compliance-integrations","Disconnected tools hide compliance breaches. Stay audit-ready 24/7 with the right integrations.",[25],"Automate your compliance",{"title":35,"slug":36,"text":37,"link":8,"external":9,"targets":38,"cta":40,"variant":13,"campaign_id":14},"Compliance - ML Classifier (A-B test)","compliance-ml-classifier-1","Ghost vulnerabilities drain time and chip your compliance. Upgrade to WebNetSec to stay audit-ready with 50% fewer FPs.",[39],"/features/machine-learning-classifier","Explore WebNetSec",{"title":42,"slug":43,"text":44,"link":8,"external":9,"targets":45,"cta":40,"variant":13,"campaign_id":14},"Compliance - ML Classifier","compliance-ml-classifier","Put compliance on Auto this year with 50% fewer FPs. Go deeper with the WebNetSec plan.",[39],{"title":47,"slug":48,"text":49,"link":8,"external":9,"targets":50,"cta":52,"variant":13,"campaign_id":14},"Compliance - Network Scanner (A-B test)","compliance-network-scanner-1","Unmapped assets are compliance landmines - upgrade your plan with complete attack surface visibility.",[51],"/network-vulnerability-scanning/network-security-scanner-online","Get deep network scans",{"title":54,"slug":55,"text":56,"link":8,"external":9,"targets":57,"cta":58,"variant":13,"campaign_id":14},"Compliance - Network Scanner","compliance-network-scanner","Map your attack surface and prove infrastructure compliance with the Network Scanner. Available with any plan.",[51],"Upgrade your plan",{"title":60,"slug":61,"text":62,"link":8,"external":9,"targets":63,"cta":65,"variant":13,"campaign_id":14},"Compliance - Pentest Robots (A-B test)","compliance-pentest-robots-1","Don’t leave compliance to chance - deploy Pentest Robots to quickly automate your audit readiness.",[64],"/features/pentest-robots","Automate continuous scans",{"title":67,"slug":68,"text":69,"link":8,"external":9,"targets":70,"cta":65,"variant":13,"campaign_id":14},"Compliance - Pentest Robots","compliance-pentest-robots","Put compliance on Auto with Pentest Robots. Available with any plan.",[64],{"title":72,"slug":73,"text":74,"link":8,"external":9,"targets":75,"cta":77,"variant":13,"campaign_id":14},"Compliance - Sniper: Auto-Exploiter (A-B test)","compliance-sniper-auto-exploiter-1","Deliver audit-ready proof instantly and stay compliant 24/7/365 - only with Sniper: Auto-Exploiter. Available with Pentest Suite.",[76],"/exploit-helpers/sniper","Get proof with Pentest Suite",{"title":79,"slug":80,"text":81,"link":8,"external":9,"targets":82,"cta":77,"variant":13,"campaign_id":14},"Compliance - Sniper: Auto-Exploiter","compliance-sniper-auto-exploiter","Get audit-ready proof and put compliance on Auto with our proprietary Sniper: Auto-exploiter. Available with Pentest Suite.",[76],{"title":84,"slug":85,"text":86,"link":8,"external":9,"targets":87,"cta":89,"variant":13,"campaign_id":14},"Compliance - Website Scanner (A-B test)","compliance-website-scanner-1","Web vulnerabilities let in devastating compliance fines. Stay audit-ready with deep, proprietary scans. Available with the WebNetSec plan.",[88],"/website-vulnerability-scanning/website-scanner","Upgrade to WebNetSec",{"title":91,"slug":92,"text":93,"link":8,"external":9,"targets":94,"cta":95,"variant":13,"campaign_id":14},"Compliance - Website Scanner","compliance-website-scanner","Prove real risk instantly and put compliance on Auto with the Website Scanner. Available with the WebNetSec plan.",[88],"Unlock AppSec compliance",{"title":97,"slug":98,"text":99,"link":100,"external":101,"targets":102,"cta":104,"variant":27,"campaign_id":105},"cPanel & WHM Free Scanner Blog","cpanel-whm-blog","CVE-2026-41940: free scanner for the cPanel auth bypass. ~1.5M instances exposed","/network-vulnerability-scanning/cve-2026-41940-scanner-cpanel-authentication-bypass",true,[103],"/blog","Run a free scan","cpanel-whm",{"title":107,"slug":108,"text":109,"link":100,"external":101,"targets":110,"cta":104,"variant":27,"campaign_id":105},"cPanel & WHM Free Scanner CVE page","cpanel-whm-cve-page","Free scanner: detect CVE-2026-41940 across cPanel & WHM assets now",[111],"/vulnerabilities-exploits/cpanel-and-whm-authentication-bypass-via-session-file-crlf-injection_29257",{"title":113,"slug":114,"text":115,"link":100,"external":101,"targets":116,"cta":118,"variant":13,"campaign_id":105},"cPanel & WHM Free Scanner Homepage","cpanel-whm-free-scanner","FREE CVE-2026-41940 scanner - check your cPanel & WHM targets now!",[117],"/","Check now",{"title":120,"slug":121,"text":122,"link":100,"external":101,"targets":123,"cta":104,"variant":13,"campaign_id":105},"cPanel & WHM Free Scanner Network Scanner","cpanel-whm-network-scanner","New: detect cPanel & WHM auth bypass (CVE-2026-41940) for free!",[51],{"title":125,"slug":126,"text":127,"link":100,"external":101,"targets":128,"cta":104,"variant":27,"campaign_id":105},"cPanel & WHM Free Scanner Vulndb index","cpanel-whm-vulndb-index","New: free scanner for the cPanel & WHM authentication bypass (CVE-2026-41940)",[129],"/vulnerabilities-exploits",{"title":131,"slug":132,"text":133,"link":100,"external":101,"targets":134,"cta":104,"variant":27,"campaign_id":105},"cPanel & WHM Free Scanner Website Scanner","cpanel-whm-website-scanner","New: free scanner for cPanel & WHM auth bypass (CVE-2026-41940)",[88],{"title":136,"slug":137,"text":138,"link":139,"external":101,"targets":140,"cta":141,"variant":13,"campaign_id":142},"Office hours #3 - session 1","office-hours-3-session-1","Got 45 minutes on Wednesday? We're going live with Office Hours!","https://zoom.us/webinar/register/5517785142308/WN_hWqbS--1TtCjvZZ2GTKkOQ",[117],"Save your seat","office-hours-3",["Island",144],{"key":145,"params":146,"result":148},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":147},"{}",{"head":149},{},["Island",151],{"key":152,"params":153,"result":154},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":147},{"head":155},{},["Island",157],{"key":158,"params":159,"result":161},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":160},"{\"text-color\":\"gray\"}",{"head":162},{},{"id":164,"detectable_with":165,"vuln_details":172,"vuln_id":181,"name":182,"published":183,"updated":14},29304,{"tool":166,"engine":169},{"id":167,"name":168},1,"Network Scanner",{"id":170,"name":171},2,"Nuclei",{"id":164,"codename":14,"description":14,"severity":173,"risk_description":174,"public_description":175,"public_recommendation":176,"recommendation":14,"references":177,"cvssv3":14,"epss_score":14,"epss_percentile":14,"cve":14,"in_cisa_catalog":9,"date":14,"software_type":14,"vendor":14,"product":14,"ptt_exploit_capabilities":14},"medium","The risk exists that the data is unknowingly exposed to the internet, making it accessible to remote threat actors that can leverage it to attack the target, or the entire company, depending on the sensitivity of the data.","LiteLLM proxy was detected with anonymous access to the model listing API. LiteLLM proxies that ship without `general_settings.master_key` (or with the key disabled) expose the configured upstream model catalog via /v1/models and /model/info — revealing which OpenAI / Anthropic / Azure / Bedrock / local-LLM endpoints are wired in, often along with their litellm_params routing config, and frequently leaving /chat/completions and /embeddings reachable without any bearer token.","Set `general_settings.master_key: sk-...` in the LiteLLM config, or pass `--api_key` on startup. Enforce per-user virtual keys via the LiteLLM admin API and place the proxy behind authenticated reverse proxy or service mesh.",[178,179,180],"https://docs.litellm.ai/docs/proxy/virtual_keys","https://docs.litellm.ai/docs/proxy/configs","https://github.com/BerriAI/litellm","NETSCAN-NUCLEI-EXPOSURES-LITELLM-UNAUTH-MODEL-EXPOSURE","LiteLLM Proxy - Model Exposure","2026-05-14T00:00:00Z"]