{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27975", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-25T03:24:57.793Z", "datePublished": "2026-02-26T02:39:28.283Z", "dateUpdated": "2026-02-27T14:13:28.184Z"}, "containers": {"cna": {"title": "Ajenti has a potential Remote Code Execution", "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "lang": "en", "description": "CWE-284: Improper Access Control", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U", "version": "4.0"}}], "references": [{"name": "https://github.com/ajenti/ajenti/security/advisories/GHSA-vcw3-r3fx-j444", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ajenti/ajenti/security/advisories/GHSA-vcw3-r3fx-j444"}, {"name": "https://github.com/ajenti/ajenti/releases/tag/v2.2.13", "tags": ["x_refsource_MISC"], "url": "https://github.com/ajenti/ajenti/releases/tag/v2.2.13"}], "affected": [{"vendor": "ajenti", "product": "ajenti", "versions": [{"version": "< 2.2.13", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-26T02:39:28.283Z"}, "descriptions": [{"lang": "en", "value": "Ajenti is a Linux and BSD modular server admin panel. Prior to version 2.2.13, an unauthenticated user could gain access to a server to execute arbitrary code on this server. This is fixed in the version 2.2.13."}], "source": {"advisory": "GHSA-vcw3-r3fx-j444", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-27T04:55:50.650663Z", "id": "CVE-2026-27975", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-27T14:13:28.184Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27975", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-27T04:55:50.650663Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T14:34:48.524Z"}}], "cna": {"title": "Ajenti has a potential Remote Code Execution", "source": {"advisory": "GHSA-vcw3-r3fx-j444", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "ajenti", "product": "ajenti", "versions": [{"status": "affected", "version": "< 2.2.13"}]}], "references": [{"url": "https://github.com/ajenti/ajenti/security/advisories/GHSA-vcw3-r3fx-j444", "name": "https://github.com/ajenti/ajenti/security/advisories/GHSA-vcw3-r3fx-j444", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/ajenti/ajenti/releases/tag/v2.2.13", "name": "https://github.com/ajenti/ajenti/releases/tag/v2.2.13", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Ajenti is a Linux and BSD modular server admin panel. Prior to version 2.2.13, an unauthenticated user could gain access to a server to execute arbitrary code on this server. This is fixed in the version 2.2.13."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284: Improper Access Control"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-26T02:39:28.283Z"}}}, "cveMetadata": {"cveId": "CVE-2026-27975", "state": "PUBLISHED", "dateUpdated": "2026-02-27T14:13:28.184Z", "dateReserved": "2026-02-25T03:24:57.793Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-02-26T02:39:28.283Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ajenti:ajenti:*:*:*:*:*:*:*:*", "matchCriteriaId": "46C8FC13-F70C-416C-8601-0E5AFF54545D", "versionEndExcluding": "2.2.13", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Ajenti is a Linux and BSD modular server admin panel. Prior to version 2.2.13, an unauthenticated user could gain access to a server to execute arbitrary code on this server. This is fixed in the version 2.2.13."}, {"lang": "es", "value": "Ajenti es un panel de administraci\u00f3n de servidor modular para Linux y BSD. Antes de la versi\u00f3n 2.2.13, un usuario no autenticado podr\u00eda obtener acceso a un servidor para ejecutar c\u00f3digo arbitrario en este servidor. Esto est\u00e1 corregido en la versi\u00f3n 2.2.13."}], "id": "CVE-2026-27975", "lastModified": "2026-03-02T17:24:59.513", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "UNREPORTED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-02-26T03:16:05.130", "references": [{"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/ajenti/ajenti/releases/tag/v2.2.13"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/ajenti/ajenti/security/advisories/GHSA-vcw3-r3fx-j444"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "security-advisories@github.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.2.13)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "ajenti", "source": "cna", "vendor": "ajenti"}, "product": "ajenti", "vendor": "ajenti"}], "analysis": {"en": {"generated_at": "2026-04-17T14:27:28.239942+00:00", "value": {"mitigation_remediation": ["Upgrade to Ajenti version 2.2.13 or later to remove the flaw.", "Restrict access to the Ajenti web interface by limiting the list of IP addresses or subnet ranges that are allowed to connect, or by disabling the interface altogether if it is not needed.", "Implement network segmentation or firewall rules to ensure that only trusted management networks can reach the Ajenti control plane, thereby reducing exposure to unauthenticated users."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability applies to all installations of the Ajenti server administration panel that are running a version older than 2.2.13. The affected stack includes Linux and BSD operating systems where Ajenti is deployed through its web\u2011based interface. The issue is resolved in Ajenti 2.2.13 and later releases.", "description_and_impact": "A flaw in Ajenti\u2019s access control permits an unauthenticated user to execute arbitrary code on a server that runs the panel. Because the panel is designed for privileged system management, code execution grants the attacker full control over the host, potentially compromising confidentiality, integrity, and availability. The weakness is a classic example of improper access control, which is recognized as CWE\u2011284.", "risk_and_exploitability": "The CVSS base score of 8.1 indicates a high level of risk, while the EPSS value of less than 1% suggests that exploitation attempts are rare or difficult to detect. The vulnerability is not currently listed in the CISA KEV catalog. The likely attack path involves a remote user accessing the Ajenti web interface without authentication, which can be achieved from any network location that can reach the panel\u2019s listening port. The absence of authentication checks allows the attacker to send specially crafted requests that trigger arbitrary command execution."}}}}, "created": "2026-02-26T13:09:45.476148+00:00", "updated": "2026-04-17T14:30:20.830438+00:00", "vendors": ["ajenti", "ajenti$PRODUCT$ajenti"]}