CVE-2020-37002
CriticalSummary
Ajenti version 2.1.36 contains a post-authenticated remote command execution vulnerability that allows remote attackers to execute arbitrary commands after successful login. Attackers can leverage the /api/terminal/create endpoint to send a netcat reverse shell payload targeting a specified IP and port.
Risk Assessment
This vulnerability poses a serious risk to organizations as it allows attackers to remotely execute commands on the server after gaining access. This could lead to system takeover and data leakage.
Recommendation
It is recommended to update Ajenti to the latest version to mitigate this vulnerability. Additionally, restricting access to API endpoints and monitoring logs for unauthorized access attempts is advisable.
Original NVD description (English source)
Ajenti 2.1.36 contains a post-authenticated remote command execution vulnerability that allows remote attackers to execute arbitrary commands after successful login. Attackers can leverage the /api/terminal/create endpoint to send a netcat reverse shell payload targeting a specified IP and port.

