Multiple vulnerabilities reported in Parallels Plesk Sitebuilder
Description
Parallels Plesk Sitebuilder contains multiple vulnerabilities that allow unauthorized access and code execution. The product includes an ISAPI filter (sitepreview.dll) that can be exploited to bypass firewall restrictions and gain unauthorized access to the Sitebuilder administrative interface on port 2006. Once accessed, attackers can leverage the interface to upload malicious files and execute arbitrary code on the server without authentication.
Remediation
Immediately upgrade Parallels Plesk Sitebuilder to the latest patched version available from Parallels. As interim mitigation measures: (1) Restrict network access to port 2006 using host-based firewall rules to allow only trusted IP addresses, (2) Review and disable the sitepreview.dll ISAPI filter if not required for business operations, (3) Monitor web server logs for suspicious access attempts to the Sitebuilder interface, and (4) Conduct a security audit to identify any unauthorized file uploads or modifications that may have occurred prior to patching.
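One way to start on interim measure (3), added here as an example and not taken from Parallels or the original advisory: the script scans a web server log for requests to port 2006 from outside a trusted subnet, and for URIs that name sitepreview.dll. The IIS W3C extended log format, the trusted subnet 10.20.0.0/24, the sample log lines, and the expectation that the filter name shows up in logged URIs are all assumptions.

```python
import ipaddress

ADMIN_PORT = "2006"              # Sitebuilder admin port named in the advisory
FILTER_NAME = "sitepreview.dll"  # ISAPI filter named in the advisory
TRUSTED = [ipaddress.ip_network("10.20.0.0/24")]  # assumption: your admin subnet
# Constructed sample in IIS W3C extended format; hosts and paths are placeholders.
SAMPLE_LOG = """\
#Fields: date time s-ip cs-method cs-uri-stem s-port c-ip sc-status
2024-01-10 08:01:12 192.0.2.10 GET /placeholder-admin 2006 10.20.0.5 200
2024-01-10 08:04:02 192.0.2.10 GET /placeholder-admin 2006 198.51.100.7 200
2024-01-10 08:04:30 192.0.2.10 POST /placeholder-upload 2006 198.51.100.7 200
2024-01-10 08:05:11 192.0.2.10 GET /placeholder/SitePreview.dll 80 203.0.113.9 404
"""


def is_trusted(ip_text):
    try:
        return any(ipaddress.ip_address(ip_text) in net for net in TRUSTED)
    except ValueError:
        return False  # unparseable client address: treat as untrusted


def find_suspicious(log_text):
    """Return (line_no, reasons, client_ip) for log entries that need review."""
    fields, hits = [], []
    for line_no, line in enumerate(log_text.splitlines(), 1):
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column layout can change mid-file
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        values = line.split()
        if len(values) != len(fields):
            hits.append((line_no, ["malformed"], None))
            continue
        rec = dict(zip(fields, values))
        reasons = []
        if rec.get("s-port") == ADMIN_PORT and not is_trusted(rec.get("c-ip", "")):
            reasons.append("untrusted-admin-access")
            if rec.get("cs-method", "").upper() in ("POST", "PUT"):
                reasons.append("write-request")
        if FILTER_NAME in rec.get("cs-uri-stem", "").lower():
            reasons.append("filter-reference")
        if reasons:
            hits.append((line_no, reasons, rec.get("c-ip")))
    return hits


if __name__ == "__main__":
    print(*find_suspicious(SAMPLE_LOG), sep="\n")
```

Entries tagged write-request are the ones to cross-check first against the file-system audit in measure (4), since they mark POST or PUT requests that reached the administrative interface from an untrusted address.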