Platform: python
Component: ajenti
Fixed in: 0.112.1, 0.112
CVE-2026-40177 describes a critical authentication bypass vulnerability affecting Ajenti versions 0.0.0 through 0.111. An attacker can bypass password authentication, even when two-factor authentication (2FA) is enabled, potentially gaining unauthorized access to the system. This vulnerability is fixed in version 0.112, and immediate upgrading is strongly recommended.
Successful exploitation of CVE-2026-40177 allows an attacker to bypass the standard authentication mechanism in Ajenti, even with 2FA enabled. This grants them complete control over the server managed by the panel. The potential impact is severe, including unauthorized modification of server configurations, data exfiltration, installation of malware, and complete system compromise. Given Ajenti's role as a server management interface, this vulnerability could provide a foothold for broader network attacks, enabling lateral movement to other systems within the infrastructure. The blast radius extends to any data or services hosted on the compromised server.
CVE-2026-40177 was publicly disclosed on 2026-04-10. As of this writing, it is not listed on the CISA KEV catalog. The availability of a public proof-of-concept is currently unknown, but the ease of exploitation suggested by the bypass description raises concerns about potential rapid exploitation. Monitor security advisories and threat intelligence feeds for updates.
Organizations utilizing Ajenti for system management and configuration, particularly those relying on 2FA for enhanced security, are at significant risk. Environments with legacy Ajenti installations or those lacking robust patching processes are especially vulnerable. Shared hosting environments where multiple users share an Ajenti instance also face increased risk.
• python / server:
    import subprocess
    from packaging.version import Version  # assumption: 'packaging' is installed; a plain string '<' misorders versions such as '0.9' vs '0.112'
    # Assumes the panel exposes an 'ajenti --version' command, as in the original snippet; the last output token is taken as the version.
    result = subprocess.run(['ajenti', '--version'], capture_output=True, text=True, check=True)
    installed = result.stdout.strip().split()[-1]
    if Version(installed) < Version('0.112'):
        print('Vulnerable Ajenti version detected!')
Exploit status
EPSS: 0.09% (25th percentile)
CISA SSVC
The primary mitigation for CVE-2026-40177 is to immediately upgrade Ajenti to version 0.112 or later. If upgrading is not immediately feasible due to compatibility issues or testing requirements, consider temporarily disabling 2FA as a partial mitigation, although this significantly reduces security. While a WAF or proxy cannot directly prevent this bypass, it can be configured to monitor for unusual activity originating from the Ajenti panel after authentication. There are no specific Sigma or YARA rules available at this time, but monitoring Ajenti's access logs for suspicious login attempts is recommended.
Update the Ajenti plugin to version 0.112 or later to fix the password bypass vulnerability that occurs when two-factor authentication (2FA) is enabled. This update fixes the issue by ensuring that password authentication is performed correctly even with 2FA enabled.
CVE-2026-40177 is a critical vulnerability in Ajenti versions 0.0.0 through 0.111 that allows attackers to bypass password authentication, even when 2FA is enabled, potentially granting unauthorized system access.
If you are running Ajenti versions 0.0.0 through 0.111, you are potentially affected by this vulnerability. Check your Ajenti version and upgrade immediately if necessary.
The recommended fix is to upgrade Ajenti to version 0.112 or later. If an immediate upgrade is not possible, consider temporarily disabling 2FA as a short-term workaround.
As of the current date, there are no confirmed reports of active exploitation of CVE-2026-40177, but the critical severity warrants immediate attention and patching.
Refer to the official Ajenti security advisory for detailed information and updates regarding CVE-2026-40177. (Note: Specific advisory URL not provided in input data.)