CVE-2026-27181
Unauthenticated Arbitrary Module Uninstallation in MajorDoMo
Publication date: 2026-02-18
Last updated on: 2026-02-20
Assigner: VulnCheck
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mjdm | majordomo | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in MajorDoMo allows an attacker to uninstall any module without authentication by exploiting the market module's admin() method. The method reads a 'mode' parameter from user input and assigns it internally, enabling access to all mode-restricted code paths without needing to log in. Specifically, the 'uninstall' mode calls a function that deletes module records from the database, runs the module's uninstall code, removes its files and templates, and deletes related scripts. An attacker can use unauthenticated GET requests to iterate through module names and completely wipe the MajorDoMo installation.
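Because the flaw is a missing authorization check (CWE-862), the web server's access log is the most practical place to look for abuse after the fact: the server happily returns 200 to uninstall requests from clients that never logged in. The following Python script is an added example, not code from the CVE record or from the MajorDoMo project. It parses combined-format access log lines (a constructed sample is embedded), flags requests whose query string selects the market module with mode=uninstall, and tallies them per source address. The exact URL shape (admin.php, the module, mode and name query parameters) is an assumption made for illustration; adjust the predicate to match the paths your own installation logs.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not real traffic.
# Paths and parameter names are assumed for illustration, not taken from MajorDoMo.
SAMPLE_LOG = """\
10.0.0.5 - - [18/Feb/2026:10:01:02 +0000] "GET /admin.php?module=market&mode=uninstall&name=weather HTTP/1.1" 200 512 "-" "curl/8.4"
10.0.0.7 - - [18/Feb/2026:10:01:05 +0000] "GET /admin.php?module=market&mode=list HTTP/1.1" 200 9123 "-" "Mozilla/5.0"
10.0.0.5 - - [18/Feb/2026:10:01:06 +0000] "GET /admin.php?module=market&mode=uninstall&name=sensors HTTP/1.1" 200 511 "-" "curl/8.4"
10.0.0.9 - - [18/Feb/2026:10:02:11 +0000] "POST /admin.php?module=market&mode=uninstall&name=alerts HTTP/1.1" 200 520 "-" "Mozilla/5.0"
10.0.0.9 - - [18/Feb/2026:10:03:00 +0000] "GET /index.php HTTP/1.1" 200 1200 "-" "Mozilla/5.0"
"""

# Minimal combined-log-format matcher: client IP, timestamp, method, URL, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)


def is_uninstall_request(url):
    """True when the query string selects the market module in uninstall mode.

    Both parameter names are assumptions for this example; the CVE text only
    states that a 'mode' parameter is read from user input.
    """
    qs = parse_qs(urlsplit(url).query)
    return qs.get("module") == ["market"] and qs.get("mode") == ["uninstall"]


def find_uninstall_requests(log_text):
    """Return one finding per log line that requested a module uninstall.

    Any method is flagged, not just GET, because the authorization gap does not
    depend on the HTTP verb. Session state is not visible in the access log, so
    every hit is worth correlating against the application's own login records.
    """
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        if not is_uninstall_request(m["url"]):
            continue
        qs = parse_qs(urlsplit(m["url"]).query)
        findings.append({
            "ip": m["ip"],
            "ts": m["ts"],
            "method": m["method"],
            "module_name": qs.get("name", ["<unknown>"])[0],  # 'name' is assumed
            "status": int(m["status"]),
        })
    return findings


def summarize_by_source(findings):
    """Count uninstall requests per client IP; a burst from one source suggests
    the iteration-over-module-names pattern described in the CVE."""
    counts = {}
    for f in findings:
        counts[f["ip"]] = counts.get(f["ip"], 0) + 1
    return counts


if __name__ == "__main__":
    hits = find_uninstall_requests(SAMPLE_LOG)
    for h in hits:
        print(f'{h["ts"]} {h["ip"]} {h["method"]} uninstall of "{h["module_name"]}" -> {h["status"]}')
    print("per-source totals:", summarize_by_source(SAMPLE_LOG and hits))
```

Run it against a real log with `find_uninstall_requests(open("/var/log/apache2/access.log").read())`. A status of 200 on these requests is the signal that the server performed the action; a patched installation that enforces authentication would instead redirect or refuse unauthenticated callers, so after patching the same query can confirm the fix took effect.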
How can this vulnerability impact me?
The vulnerability can lead to a complete denial of service by allowing an attacker to uninstall all modules of the MajorDoMo system without any authentication. This results in the deletion of database records, module files, templates, and associated scripts, effectively wiping out the entire installation and disrupting all functionalities dependent on those modules.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know