1 results (0.013 seconds)
CVSS: 8.8EPSS: 3%CPEs: 1EXPL: 2
CVSS: 8.8EPSS: 3%CPEs: 1EXPL: 2CVE-2019-25066 – ajenti API privileges management
https://notcve.org/view.php?id=CVE-2019-25066
A vulnerability has been found in ajenti 2.1.31 and classified as critical. This vulnerability affects unknown code of the component API. The manipulation leads to privilege escalation. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ajenti/ajenti/commit/7aa146b724e0e20cfee2c71ca78fafbf53a8767c https://vuldb.com/?id.143950 https://www.exploit-db.com/exploits/47497 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-269: Improper Privilege Management •