Ajenti 2.1.31 Remote Code Execution
Posted on 30 October 2019
This Metasploit module exploits a command injection vulnerability in Ajenti versions 2.1.31 and below. By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned.