In cPanel prior to 98.0.1, /scripts/cpan_config performs unsafe operations on files (SEC-589).
cpanel cpanel