We are writing today to notify clients of a critical security vulnerability in the SolusVM WHMCS Module Version 3.16. While SolusVM's WHMCS Module is not part of the default WHMCS release package, we know that many of our users use WHMCS in conjunction with SolusVM and therefore we are posting/emailing everyone as a precaution.

How to Check If You Are Affected
The SolusVM Module is not shipped with, or by WHMCS. Thus, only if you've installed this module yourself would you be at risk. You can verify by checking if the directory /path/to/whmcs/modules/servers/solusvmpro/ exists. If it does not, you are not vulnerable, and require no further action.

How to Protect Yourself
The update to the SolusVM module can be found in the following blog post from SolusVM on their own website: https://blog.soluslabs.com/2013/06/24/whmcs-module-update-security/

Be sure to also check the SolusVM blog homepage @ https://blog.soluslabs.com/ for details of the latest security related updates to the core SolusVM application.