Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

AjaXplorer Remote Command Execution Vulnerability in checkInstall.php

Vulnerability

A remote command execution vulnerability has been identified in AjaXplorer (later renamed Pydio) in versions prior to 2.6. The issue lies in the checkInstall.php script shipped with the access.ssh plugin, which passes the value of the destServer GET parameter into a shell command without validating or escaping it. Because the shell parses that value, a remote attacker can append shell metacharacters (for example `;`, `|`, `&&` or backticks) followed by a command of their choice, and the command runs on the server with the privileges of the web server process.
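The bug class is plain string concatenation into a shell command. The following Python snippet, added here as an illustration and not code from AjaXplorer, contrasts the vulnerable pattern with a hardened one. It assumes a harmless `echo` as a stand-in for whatever command checkInstall.php really invoked, and the attacker value is constructed for the demonstration, so running it is safe; the hardened version allow-lists the value as a hostname or IP literal and hands it to the process as its own argv element, so no shell ever sees it.

```python
"""Vulnerable vs. hardened handling of a destServer-style parameter.

Added example, not AjaXplorer's code.  `echo` stands in for the real
command the script ran (an assumption); the injected payload is benign.
"""
import ipaddress
import re
import subprocess

# Constructed attacker input: a plausible host, a metacharacter, a second command.
MALICIOUS_DEST = "10.0.0.5; echo INJECTED"

# RFC 1123-style hostname: labels of 1-63 alphanumerics/hyphens, no leading or
# trailing hyphen, total length at most 253 characters.
_HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)(?!-)[A-Za-z0-9-]{1,63}(?<!-)"
    r"(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*$"
)


def check_install_vulnerable(dest_server: str) -> str:
    """Vulnerable pattern: concatenate the parameter and let /bin/sh parse it
    (the equivalent of PHP's exec("cmd " . $_GET['destServer']))."""
    cmd = "echo connecting to " + dest_server
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def is_valid_dest_server(value: str) -> bool:
    """Allow-list check: accept only an IP literal or a syntactically valid hostname."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return _HOSTNAME_RE.match(value) is not None


def check_install_hardened(dest_server: str) -> str:
    """Hardened pattern: validate first, then pass the value as one argv element
    with shell=False so metacharacters are never interpreted."""
    if not is_valid_dest_server(dest_server):
        raise ValueError("destServer is not a valid hostname or IP address")
    argv = ["echo", "connecting to", dest_server]
    return subprocess.run(argv, capture_output=True, text=True).stdout


if __name__ == "__main__":
    # The vulnerable path prints a second line, "INJECTED", produced by the
    # attacker-supplied command; the hardened path refuses the input outright.
    print(check_install_vulnerable(MALICIOUS_DEST), end="")
    try:
        check_install_hardened(MALICIOUS_DEST)
    except ValueError as err:
        print("rejected:", err)
    print(check_install_hardened("10.0.0.5"), end="")
```

Escaping alone (PHP's escapeshellarg, Python's shlex.quote) would also stop the injection, but validating the value as the thing it is supposed to be, a host, is the stronger control: it rejects the malformed input before it reaches any command at all.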

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the server, with the same privileges as the web server user.

Reproduction

To reproduce this vulnerability, send a GET request to the plugins/access.ssh/checkInstall.php endpoint with a destServer parameter whose value contains shell metacharacters (URL-encoded) followed by a command. If the output of that command is returned in the HTTP response, the server is vulnerable. Test only against systems you are authorized to assess.
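The same request shape is what defenders should hunt for. The script below is an added example, not part of the original advisory: it parses web server access logs in combined format, isolates requests to the checkInstall.php endpoint, URL-decodes the destServer value (twice, to catch double encoding) and flags any value carrying shell metacharacters. The log lines are constructed for the example.

```python
"""Flag checkInstall.php requests whose destServer value looks like command
injection.  Added example; the log lines below are constructed."""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed combined-format access log: one benign request, two injection
# attempts (one double-encoded), one unrelated request.
SAMPLE_LOG = """\
203.0.113.7 - - [08/Aug/2025:19:55:01 +0000] "GET /ajaxplorer/plugins/access.ssh/checkInstall.php?destServer=files.internal HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.23 - - [08/Aug/2025:19:56:12 +0000] "GET /ajaxplorer/plugins/access.ssh/checkInstall.php?destServer=%7C%7Cid HTTP/1.1" 200 77 "-" "curl/8.4.0"
198.51.100.23 - - [08/Aug/2025:19:56:40 +0000] "GET /ajaxplorer/plugins/access.ssh/checkInstall.php?destServer=10.0.0.5%253Bcat%2520%252Fetc%252Fpasswd HTTP/1.1" 200 2301 "-" "curl/8.4.0"
203.0.113.9 - - [08/Aug/2025:19:57:05 +0000] "GET /ajaxplorer/index.php HTTP/1.1" 200 8891 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)
VULN_PATH_SUFFIX = "/plugins/access.ssh/checkinstall.php"
SHELL_METACHARS = set(";|&`$()<>\n")


def decode_param(value: str) -> str:
    """parse_qsl already decoded once; decode again to unmask double encoding."""
    return unquote(value)


def is_suspicious_dest_server(value: str) -> bool:
    return any(ch in SHELL_METACHARS for ch in decode_param(value))


def scan_log(text: str) -> list:
    """Return one record per request to the vulnerable endpoint whose
    destServer value contains shell metacharacters."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if not url.path.lower().endswith(VULN_PATH_SUFFIX):
            continue
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if name.lower() == "destserver" and is_suspicious_dest_server(value):
                hits.append({
                    "ip": m["ip"],
                    "timestamp": m["ts"],
                    "status": int(m["status"]),
                    "dest_server": decode_param(value),
                })
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['timestamp']} {hit['ip']} HTTP {hit['status']} "
              f"destServer={hit['dest_server']!r}")
```

A 200 response with an unusually large body on a flagged request is a strong hint that the injected command ran and its output was returned; any hit from before the upgrade should be treated as a potential compromise of the web server account and investigated accordingly.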

Remediation

Upgrade to AjaXplorer version 2.6 or later. Where an upgrade cannot be applied immediately, remove or disable the access.ssh plugin (or block requests to plugins/access.ssh/checkInstall.php at the web server) until it can be, and review access logs for earlier requests to that endpoint, since the vulnerability is being actively exploited.

Added: Aug 8, 2025, 7:55 PM
Updated: Aug 8, 2025, 9:15 PM

Vulnerability Rating

Custom Algorithm

spread: 5.0
impact: 10.0
exploitability: 9.8
remediation: 7.7
relevance: 0.3
threat: 9.3
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.