CVE-2018-1000083

Name of the Vulnerable Software and Affected Versions: Ajenti version 2

Description: The issue is related to improper error handling in the login JSON request, which can lead to the leakage of the server's path. This can be exploited by sending a malformed JSON, resulting in a traceback error that reveals the server's path.

Recommendations: For Ajenti version 2, consider restricting access to the login JSON request until a fix is available. As a temporary workaround, avoid using the login functionality with JSON requests to minimize the risk of path leakage.