CVE-2019-25066
published 2022-06-09CVE-2019-25066: A vulnerability has been found in ajenti 2.1.31 and classified as critical. This vulnerability affects unknown code of the component API. The manipulation…
PriorityP264high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EXPLOIT
EPSS
5.24%
91.5th percentile
A vulnerability has been found in ajenti 2.1.31 and classified as critical. This vulnerability affects unknown code of the component API. The manipulation leads to privilege escalation. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.1.32 is able to address this issue. The name of the patch is 7aa146b724e0e20cfee2c71ca78fafbf53a8767c. It is recommended to upgrade the affected component.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ajenti | ajenti | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor HTTP POST requests to the 'api/core/auth' endpoint for shell metacharacters or command injection payloads within the 'username' parameter. ↗
- →Look for exploitation attempts targeting Ajenti version 2.1.31 specifically, as this is the only confirmed vulnerable version. ↗
- →Alert on privilege escalation activity originating from the Ajenti web application process following authentication API calls. ↗
- ·The vulnerability is fixed in Ajenti 2.1.32. Systems still running 2.1.31 remain exploitable remotely without authentication bypass — only the username POST parameter manipulation is required. ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
2022-06-09
Published