Recently, Qualys, a cyber-security firm specializing in cloud security and compliance, reported that it had discovered a very dangerous vulnerability in Exim installations running versions 4.87 to 4.91. Exim is the mail server software that runs on Unix-like systems, including servers running cPanel and WHM, to relay emails from senders to recipients. The vulnerability allows attackers to execute code as the root user on your server without authentication.

cPanel has released an update to patch this vulnerability for Versions 70, 76 and 78. If you are a shared hosting customer, we have already applied the relevant patches and there is no further action required for you.

For VPS and dedicated server customers, to ensure that your server receives the patch, please update to one of the following versions:

Tier    Version
70      70.0.69
76      76.0.22
78      78.0.27

cPanel and WHM Versions 70 and 76 remain End of Life and will not receive other updates. Version 80 is not vulnerable, as it included a newer (and non-vulnerable) version of Exim.

To confirm you are running a patched version, you can run this command on the server:

rpm -q exim

The output will show you the Exim version that is installed on your server and should look similar to this:

For Version 78: exim-4.92-1.cp1178.x86_64
For Version 80: exim-4.92-1.cp1180.x86_64
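To run the same check across several servers, the following added example (not cPanel's or Exim's own tooling) parses the rpm -q exim output and compares it with the affected range given above, 4.87 to 4.91. The function name and result labels are hypothetical. The script reads only the version string, so an in-affected-range result means the build should be checked against the cPanel versions listed above.

```shell
#!/bin/sh
# Added example: classify `rpm -q exim` output against the affected
# Exim range stated in this advisory (4.87 to 4.91).

# classify_exim PACKAGE_STRING   (hypothetical helper name)
# Prints: below-range | in-affected-range | at-or-above-4.92 | unknown
classify_exim() (
    pkg=$1
    # rpm -q prints NAME-VERSION-RELEASE.ARCH, e.g. exim-4.92-1.cp1178.x86_64
    case $pkg in
        exim-[0-9]*.[0-9]*-*) ;;
        *) echo unknown; exit 0 ;;      # not installed, or unexpected format
    esac
    ver=${pkg#exim-}; ver=${ver%%-*}         # strip name and release -> 4.92
    major=${ver%%.*}
    minor=${ver#*.}; minor=${minor%%.*}      # drop any patch level
    case $major$minor in
        *[!0-9]*|'') echo unknown; exit 0 ;; # non-numeric version parts
    esac
    if [ "$major" -lt 4 ] || { [ "$major" -eq 4 ] && [ "$minor" -lt 87 ]; }; then
        echo below-range
    elif [ "$major" -eq 4 ] && [ "$minor" -le 91 ]; then
        echo in-affected-range
    else
        echo at-or-above-4.92
    fi
)

# On the server itself, run: sh check_exim.sh --local
if [ "${1:-}" = "--local" ] && command -v rpm >/dev/null 2>&1; then
    out=$(rpm -q exim 2>/dev/null) || true
    echo "$out: $(classify_exim "$out")"
fi
```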

There are currently no known workarounds and Canadian Web Hosting strongly recommends that you upgrade your server to a patched version. Please refer to the CVE-2019-10149 Exim page for more information.

Customers with any questions or concerns, please contact our support team at 1-604-283-2127 or e-mail