CNNVD-202601-4934 Information

CNNVD ID

CNNVD-202601-4934

Related CVE

CVE-2020-37002

• CNNVD Published: 2026-01-29

Description (Chinese)

ajenti是ajenti开源的一个 Linux 和 BSD 模块化服务器管理面板。 ajenti 2.1.36版本存在操作系统命令注入漏洞，该漏洞源于身份验证绕过，可能导致远程攻击者执行任意命令。

Description (English)

ajenti is a Linux and BSD modular server management panel of the ajenti open source. Version 2.1.36 of ajenti 2.1.36 contains a loophole in the operating system, which arises from a circumvention of identification, which may lead to arbitrary orders being carried out by remote assailants.

Hazard Level

Low

Vulnerability Type

操作系统命令注入

Affected Vendor

ajenti

Published

2026-01-29

Last Modified

2026-02-24

References

https://github.com/ajenti/ajenti https://www.exploit-db.com/exploits/48929 https://www.vulncheck.com/advisories/ajenti-remote-code-execution

Patch

https://github.com/ajenti/ajenti/releases