CVE-2026-27174 Scanner

CVE-2026-27174 Scanner - Remote Code Execution (RCE) vulnerability in MajorDoMo

Short Info

Level: Critical
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 20 days 17 hours
Scan only one: Domain, Subdomain, IPv4


MajorDoMo is a smart home automation platform used worldwide for managing connected devices. It is commonly deployed in residential and commercial properties to streamline the operation of electronics, enhancing convenience and energy management. The platform is popular for users seeking custom automation solutions through community-developed modules and plugins. Its web-based interface allows easy control and configuration from any internet-capable device, making it versatile and accessible. Due to its open-source nature, MajorDoMo attracts hobbyists and developers looking to contribute additional functionality. The software is integral to smart homes, playing a critical role in integrating diverse smart devices into a unified system.

This scanner detects a Remote Code Execution (RCE) vulnerability, which allows attackers to execute arbitrary code on the remote server. This is due to an include order bug and lack of proper exits after redirects in the admin panel's PHP console. The vulnerability is severe as it grants attackers the ability to run PHP code on the server without authorization. Exploiting this flaw can lead to complete control of the system, underlining the need for prompt remediation. It's critical for administrators to address this vulnerability before attackers can exploit it for malicious purposes.

The vulnerability lies in the PHP console of the admin panel, where the include order is handled incorrectly and execution is not stopped after a redirect. Specifically, attackers can issue crafted GET requests via the console to execute PHP code. The vulnerability is triggered when the admin panel processes these crafted requests without proper authorization. Critical endpoints in this scenario include those handling admin panel operations without robust security checks. This flaw allows for payloads that manipulate server-side operations, making it an attractive target for attackers seeking server control.

Exploiting this vulnerability can have disastrous consequences, potentially allowing attackers to compromise the entire system. Affected servers could see unauthorized data modification, theft of sensitive information, and disruption of services. Long-term impacts include loss of consumer trust and potential financial liabilities from data breaches. Businesses using MajorDoMo need to prioritize patching to mitigate these risks. If exploited, attackers have the potential to maintain persistent access or cause irreversible damage to the system.
