CRITICAL · CVE-2026-40177 · CVSS 9.5

ajenti.plugin.core has a password bypass when 2FA is enabled

Platform

python

Component

ajenti

Fixed in

0.112.1

0.112

AI Confidence: high · NVD · EPSS 0.1% · Verified: May 2026

CVE-2026-40177 describes a critical authentication bypass vulnerability affecting Ajenti versions 0.0.0 through 0.111. An attacker can bypass password authentication, even when two-factor authentication (2FA) is enabled, potentially gaining unauthorized access to the system. This vulnerability is fixed in version 0.112, and immediate upgrading is strongly recommended.


Impact and attack scenarios

Successful exploitation of CVE-2026-40177 allows an attacker to bypass the standard authentication mechanism in Ajenti, even with 2FA enabled. This grants them complete control over the server managed by the panel. The potential impact is severe, including unauthorized modification of server configurations, data exfiltration, installation of malware, and complete system compromise. Given Ajenti's role as a server management interface, this vulnerability could provide a foothold for broader network attacks, enabling lateral movement to other systems within the infrastructure. The blast radius extends to any data or services hosted on the compromised server.

Exploitation context

CVE-2026-40177 was publicly disclosed on 2026-04-10. As of this writing, it is not listed on the CISA KEV catalog. The availability of a public proof-of-concept is currently unknown, but the ease of exploitation suggested by the bypass description raises concerns about potential rapid exploitation. Monitor security advisories and threat intelligence feeds for updates.

Who is at risk

Organizations utilizing Ajenti for system management and configuration, particularly those relying on 2FA for enhanced security, are at significant risk. Environments with legacy Ajenti installations or those lacking robust patching processes are especially vulnerable. Shared hosting environments where multiple users share an Ajenti instance also face increased risk.

Detection steps

• python / server:

import subprocess

def vtuple(s):
    # Compare numerically: as plain strings '0.99' sorts above '0.112'.
    return tuple(int(p) for p in s.strip().split('.') if p.isdigit())

# Assumes the Ajenti CLI answers --version; adjust the command if yours does not.
result = subprocess.run(['ajenti', '--version'], capture_output=True, text=True)
if result.stdout.strip() and vtuple(result.stdout) < (0, 112):
    print('Vulnerable Ajenti version detected!')
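The version check above only covers a host where the CLI is on the path. The following scanner, an added example that is not code from this page or from the Ajenti project, walks a requirements.txt or `pip freeze` listing and flags Ajenti distributions that are pinned below 0.112 or whose specifier still permits a vulnerable release. The package-name rule is an assumption: any distribution whose PEP 503-normalized name is "ajenti" or starts with "ajenti-" (which covers ajenti-panel and ajenti.plugin.core) is treated as the affected component; the sample manifest is constructed for the demonstration.

```python
# Added example, not the page's or the Ajenti project's code.
import re

FIXED = (0, 112)  # first fixed release per the advisory

# Matches "name", "name==1.2", "name>=1.2,<2", "Name[extra]" is not handled.
REQ_RE = re.compile(
    r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(===|==|>=|~=|<=|!=|<|>)?\s*([^\s;#,]*)"
)


def normalize(name):
    """PEP 503 normalization: case-insensitive, runs of -_. collapse to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def version_tuple(v):
    """Numeric tuple for a dotted release; stops at the first non-numeric part."""
    parts = []
    for p in v.strip().split("."):
        m = re.match(r"\d+", p)
        if not m:
            break
        parts.append(int(m.group()))
    return tuple(parts)


def is_ajenti(name):
    # ASSUMPTION: the affected distributions all share the "ajenti" prefix.
    n = normalize(name)
    return n == "ajenti" or n.startswith("ajenti-")


def scan_requirements(text):
    """Return (line, reason) for each Ajenti requirement that can resolve below 0.112."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):  # blank, comment, -r/-e/--index-url
            continue
        m = REQ_RE.match(line)
        if not m or not is_ajenti(m.group(1)):
            continue
        op, ver = m.group(2), m.group(3)
        if op in ("==", "==="):
            if version_tuple(ver) < FIXED:
                findings.append((raw, f"pinned to {ver} (< 0.112)"))
        elif op in (">=", ">", "~="):
            # A floor below the fix still lets a stale index or cache install 0.111.
            if version_tuple(ver) < FIXED:
                findings.append((raw, f"lower bound {ver} still permits < 0.112"))
        else:
            findings.append((raw, "no lower bound at or above 0.112"))
    return findings


# Constructed sample manifest, not a real project's file.
SAMPLE_REQUIREMENTS = """\
# constructed sample
Flask==3.0.0
ajenti-panel==0.111
ajenti.plugin.core>=0.112
ajenti.plugin.dashboard   # unpinned
AJENTI_PLUGIN_SETTINGS<=0.111
"""

if __name__ == "__main__":
    for line, reason in scan_requirements(SAMPLE_REQUIREMENTS):
        print(f"{line.strip()!r}: {reason}")
```

Run it against `pip freeze` output from the host that serves the panel rather than only the repository manifest: the installed version is what matters, and a lock file can lag behind what was actually deployed.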

Attack timeline

  1. Disclosure (2026-04-10)

Threat analysis

Exploit status

Proof of concept: Unknown
CISA KEV: No
Reports: 1 threat report

EPSS

0.09% (25th percentile)

CISA SSVC

Exploitation: none
Automatable: yes
Technical impact: total

Affected software

Component: ajenti
Vendor: ajenti

Affected range    Fixed in
< 0.112           0.112.1
< 0.112           0.112

Vulnerability classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated

Mitigation and workarounds

The primary mitigation for CVE-2026-40177 is to upgrade Ajenti to version 0.112 or later immediately. If an upgrade is not immediately feasible because of compatibility or testing requirements, note that the bypass as described is only reachable when 2FA is enabled: temporarily disabling 2FA removes that path, but at the cost of the second factor, so treat it strictly as a stopgap and, in the meantime, restrict network access to the panel (host firewall, VPN, or an allowlist on the reverse proxy) so that only administrators can reach the login page at all. A WAF or proxy cannot block the bypass itself, but it can log and alert on activity from the Ajenti panel after authentication. No Sigma or YARA rules are available at this time; monitoring Ajenti's access logs for unexpected or out-of-hours logins is recommended.

How to fix

Update the Ajenti plugin to version 0.112 or later to fix the password-bypass vulnerability that occurs when two-factor authentication (2FA) is enabled. The update resolves the issue by ensuring that password authentication is enforced correctly even when 2FA is enabled.


Frequently asked questions

What is CVE-2026-40177 — Authentication Bypass in Ajenti?

CVE-2026-40177 is a critical vulnerability in Ajenti versions 0.0.0 through 0.111 that allows attackers to bypass password authentication, even when 2FA is enabled, potentially granting unauthorized system access.

Am I affected by CVE-2026-40177 in Ajenti?

If you are running Ajenti versions 0.0.0 through 0.111, you are potentially affected by this vulnerability. Check your Ajenti version and upgrade immediately if necessary.

How do I fix CVE-2026-40177 in Ajenti?

The recommended fix is to upgrade Ajenti to version 0.112 or later. If an immediate upgrade is not possible, consider temporarily disabling 2FA as a short-term workaround.

Is CVE-2026-40177 being actively exploited?

As of the current date, there are no confirmed reports of active exploitation of CVE-2026-40177, but the critical severity warrants immediate attention and patching.

Where can I find the official Ajenti advisory for CVE-2026-40177?

Refer to the official Ajenti security advisory for detailed information and updates regarding CVE-2026-40177. (No advisory URL is listed on this page.)
