CVE-2019-25066 – ajenti API privileges management
https://notcve.org/view.php?id=CVE-2019-25066
A vulnerability has been found in ajenti 2.1.31 and classified as critical. This vulnerability affects unknown code of the component API. The manipulation leads to privilege escalation. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ajenti/ajenti/commit/7aa146b724e0e20cfee2c71ca78fafbf53a8767c https://vuldb.com/?id.143950 https://www.exploit-db.com/exploits/47497 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-269: Improper Privilege Management •
CVE-2018-18548 – AjentiCP 1.2.23.13 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-18548
ajenticp (aka Ajenti Docker control panel) for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager. AjentiCP versions 1.2.23.13 and below suffer from a persistent cross-site scripting vulnerability. • https://www.exploit-db.com/exploits/45691 http://packetstormsecurity.com/files/149898/AjentiCP-1.2.23.13-Cross-Site-Scripting.html https://numanozdemir.com/ajenti-xss.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-1000126
https://notcve.org/view.php?id=CVE-2018-1000126
Ajenti version 2 contains an information disclosure vulnerability in line 176 of the source code that can result in user and system enumeration as well as disclosure of data from the /etc/ajenti/config.yml file. This attack appears to be exploitable via network connectivity to the web application. • https://medium.com/stolabs/security-issues-on-ajenti-d2b7526eaeee • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-1000081
https://notcve.org/view.php?id=CVE-2018-1000081
Ajenti version 2 contains an input validation vulnerability in the ID string of the Get-values POST request that can result in a server crash. This attack appears to be exploitable: an attacker can freeze the server by sending a giant string to the ID parameter. • https://medium.com/stolabs/security-issues-on-ajenti-d2b7526eaeee • CWE-20: Improper Input Validation •
CVE-2018-1000082
https://notcve.org/view.php?id=CVE-2018-1000082
Ajenti version 2 contains a Cross-Site Request Forgery (CSRF) vulnerability in the command execution panel of the tool used to manage the server that can result in code execution on the server. Because this is a CSRF, victim interaction is needed: when the victim accesses the CSRF trigger, any code that matches the victim's privileges on the server can be executed. • https://medium.com/stolabs/security-issues-on-ajenti-d2b7526eaeee • CWE-352: Cross-Site Request Forgery (CSRF) •