cPanel prior to 55.9999.141 allows malicious users to bypass Two Factor Authentication via DNS clustering requests (SEC-93).
cpanel cpanel