FeedVulnerabilityNew MajorDoMo RCE Vulnerability Exposes Servers to Code Exec...
VulnerabilityCyber Security News
9.8CRITICAL

New MajorDoMo RCE Vulnerability Exposes Servers to Code Execution Attacks

📅 6 May 2026 at 17:14 UTC📰 Cyber Security NewsView original source ↗
New MajorDoMo RCE Vulnerability Exposes Servers to Code Execution Attacks

A newly disclosed flaw exposes internet-facing MajorDoMo servers to unauthenticated remote code execution via a broken authentication flow and unsafe dynamic PHP evaluation. The vulnerability (CVE-2026-27174) stems from the /admin.php request flow, where improper handling of unauthorized access allows execution to continue even after a redirect, effectively bypassing access controls. That continued execution exposes an […] The post New MajorDoMo RCE Vulnerability Exposes Servers to Code Execution Attacks appeared first on Cyber Security News.

🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview

A newly disclosed MajorDoMo RCE vulnerability (CVE-2026-27174) exposes internet-facing servers to unauthenticated remote code execution via a broken authentication flow and unsafe dynamic PHP evaluation, posing a critical risk to affected systems.

⚙️Technical Details
Affected Systems
Mjdm Majordomo
💥Impact Assessment
Severity: Unknown
🛡️Recommended Actions
1Implement a patch for the CVE-2026-27174 vulnerability as soon as possible.
2Disable PHP console feature in the admin panel to prevent exploitation.
3Monitor server logs for suspicious activity and implement additional security controls.
📦Affected Products
Mjdm Majordomo
🔐NVD Verified DataVERIFIED
CVE-2026-27174CVSS 9.8CRITICAL
Attack Vector
NETWORK
Complexity
LOW
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weaknesses
CWE-94
Affected Products (CPE)
Mjdm Majordomo

Read the full article

This is a curated summary. The complete article is available at Cyber Security News.

Read on Cyber Security News
← Back to feed