virus logo Intrusion Prevention

Ajenti.AUTH.Username.Command.Injection

description-logoDescription

This indicates an attack attempt to exploit a Remote Code Execution Vulnerability in Ajenti.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote, unauthenticated attacker can exploit this vulnerability via crafted HTTP requests. Successful exploitation could result in arbitrary code execution in the context of the server application.

affected-products-logoAffected Products

Ajenti version 2.1.31

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://github.com/ajenti/ajenti/commit/7aa146b724e0e20cfee2c71ca78fafbf53a8767c

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-12-31 15.751 Default_action:pass:drop
2019-12-18 15.747

References

47497 https://github.com/ajenti/ajenti/commit/7aa146b724e0e20cfee2c71ca78fafbf53a8767c
ID 48591
Created Dec 18, 2019
Updated Dec 30, 2019
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Linux, BSD
Affected App Other