PT-2026-32031 · Ajenti · Ajenti-Plugin-Core
Published
2026-04-10
·
Updated
2026-04-15
·
CVE-2026-40177
CVSS v4.0
9.3
Critical
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
ajenti.plugin.core versions prior to 0.112
Description
Prior to version 0.112, if two-factor authentication (2FA) was enabled, password authentication could be bypassed. This allowed unauthorized access to the system.
Recommendations
Upgrade to version 0.112 to resolve this issue.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ajenti-Plugin-Core