Common Weakness Enumeration
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Back to CWE stats page
CWE-266
Incorrect Privilege Assignment
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
CVE-2026-39546 (GCVE-0-2026-39546)
Vulnerability from cvelistv5 – Published: 2026-06-17 09:50 – Updated: 2026-06-17 12:36
VLAI
EPSS
VEX
Title
WordPress MultiLoca plugin <= 4.2.15 - Privilege Escalation vulnerability
Summary
Subscriber Privilege Escalation in MultiLoca <= 4.2.15 versions.
Severity
7.6 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/wordpress/plugin/… | vdb-entry |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-39546",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T12:36:07.585732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T12:36:14.140Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "woocommerce-multi-locations-inventory-management",
"product": "MultiLoca",
"vendor": "Techspawn",
"versions": [
{
"changes": [
{
"at": "4.2.16",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.2.15",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Denver Jackson | Patchstack Bug Bounty Program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Subscriber Privilege Escalation in MultiLoca \u003c= 4.2.15 versions."
}
],
"value": "Subscriber Privilege Escalation in MultiLoca \u003c= 4.2.15 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T09:50:49.168Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/woocommerce-multi-locations-inventory-management/vulnerability/wordpress-multiloca-plugin-4-2-15-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress MultiLoca Plugin to the latest available version (at least 4.2.16)."
}
],
"value": "Update the WordPress MultiLoca Plugin to the latest available version (at least 4.2.16)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress MultiLoca plugin \u003c= 4.2.15 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-39546",
"datePublished": "2026-06-17T09:50:49.168Z",
"dateReserved": "2026-04-07T10:48:21.621Z",
"dateUpdated": "2026-06-17T12:36:14.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-39579 (GCVE-0-2026-39579)
Vulnerability from cvelistv5 – Published: 2026-06-15 20:18 – Updated: 2026-06-15 22:22
VLAI
EPSS
VEX
Title
WordPress B Blocks plugin <= 2.0.31 - Privilege Escalation vulnerability
Summary
Contributor Privilege Escalation in B Blocks <= 2.0.31 versions.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/wordpress/plugin/… | vdb-entry |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-39579",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T22:21:36.434058Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T22:22:02.036Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "b-blocks",
"product": "B Blocks",
"vendor": "bPlugins",
"versions": [
{
"changes": [
{
"at": "2.0.32",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.0.31",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Abu Hurayra | Patchstack Bug Bounty Program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Contributor Privilege Escalation in B Blocks \u003c= 2.0.31 versions."
}
],
"value": "Contributor Privilege Escalation in B Blocks \u003c= 2.0.31 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T20:18:07.393Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/b-blocks/vulnerability/wordpress-b-blocks-plugin-2-0-31-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress B Blocks Plugin to the latest available version (at least 2.0.32)."
}
],
"value": "Update the WordPress B Blocks Plugin to the latest available version (at least 2.0.32)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress B Blocks plugin \u003c= 2.0.31 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-39579",
"datePublished": "2026-06-15T20:18:07.393Z",
"dateReserved": "2026-04-07T10:48:38.855Z",
"dateUpdated": "2026-06-15T22:22:02.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-39583 (GCVE-0-2026-39583)
Vulnerability from cvelistv5 – Published: 2026-06-15 20:18 – Updated: 2026-06-16 13:43
VLAI
EPSS
VEX
Title
WordPress Datalogics Ecommerce Delivery plugin <= 2.6.62 - Privilege Escalation vulnerability
Summary
Unauthenticated Privilege Escalation in Datalogics Ecommerce Delivery <= 2.6.62 versions.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/wordpress/plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Datalogics | Datalogics Ecommerce Delivery |
Affected:
n/a , ≤ 2.6.62
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-39583",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-16T13:41:18.938385Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-16T13:43:10.144Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "datalogics",
"product": "Datalogics Ecommerce Delivery",
"vendor": "Datalogics",
"versions": [
{
"changes": [
{
"at": "2.6.63",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.6.62",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jarno Vos (jrn5151) | Patchstack Bug Bounty Program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unauthenticated Privilege Escalation in Datalogics Ecommerce Delivery \u003c= 2.6.62 versions."
}
],
"value": "Unauthenticated Privilege Escalation in Datalogics Ecommerce Delivery \u003c= 2.6.62 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T20:18:08.042Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/datalogics/vulnerability/wordpress-datalogics-ecommerce-delivery-plugin-2-6-62-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Datalogics Ecommerce Delivery Plugin to the latest available version (at least 2.6.63)."
}
],
"value": "Update the WordPress Datalogics Ecommerce Delivery Plugin to the latest available version (at least 2.6.63)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Datalogics Ecommerce Delivery plugin \u003c= 2.6.62 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-39583",
"datePublished": "2026-06-15T20:18:08.042Z",
"dateReserved": "2026-04-07T10:48:44.714Z",
"dateUpdated": "2026-06-16T13:43:10.144Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-39587 (GCVE-0-2026-39587)
Vulnerability from cvelistv5 – Published: 2026-06-15 20:18 – Updated: 2026-06-16 12:33
VLAI
EPSS
VEX
Title
WordPress WP BASE Booking plugin <= 5.9.0 - Privilege Escalation vulnerability
Summary
Unauthenticated Privilege Escalation in WP BASE Booking <= 5.9.0 versions.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/wordpress/plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hakan Ozevin | WP BASE Booking |
Affected:
n/a , ≤ 5.9.0
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-39587",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-16T12:33:04.925065Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-16T12:33:13.234Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-base-booking-of-appointments-services-and-events",
"product": "WP BASE Booking",
"vendor": "Hakan Ozevin",
"versions": [
{
"changes": [
{
"at": "6.0.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.9.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jarno Vos (jrn5151) | Patchstack Bug Bounty Program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unauthenticated Privilege Escalation in WP BASE Booking \u003c= 5.9.0 versions."
}
],
"value": "Unauthenticated Privilege Escalation in WP BASE Booking \u003c= 5.9.0 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T20:18:09.322Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/wp-base-booking-of-appointments-services-and-events/vulnerability/wordpress-wp-base-booking-plugin-5-9-0-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress WP BASE Booking Plugin to the latest available version (at least 6.0.0)."
}
],
"value": "Update the WordPress WP BASE Booking Plugin to the latest available version (at least 6.0.0)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress WP BASE Booking plugin \u003c= 5.9.0 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-39587",
"datePublished": "2026-06-15T20:18:09.322Z",
"dateReserved": "2026-04-07T10:48:44.714Z",
"dateUpdated": "2026-06-16T12:33:13.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4013 (GCVE-0-2026-4013)
Vulnerability from cvelistv5 – Published: 2026-03-12 08:02 – Updated: 2026-03-12 13:36 X_Freeware
VLAI
EPSS
VEX
Title
SourceCodester Web-based Pharmacy Product Management System add_admin.php improper authorization
Summary
A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown function of the file add_admin.php. Such manipulation leads to improper authorization. The attack may be launched remotely.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.350535 | vdb-entry |
| https://vuldb.com/?ctiid.350535 | signaturepermissions-required |
| https://vuldb.com/?submit.769781 | third-party-advisory |
| https://www.sourcecodester.com/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SourceCodester | Web-based Pharmacy Product Management System |
Affected:
1.0
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4013",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T13:36:07.248823Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T13:36:20.462Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Web-based Pharmacy Product Management System",
"vendor": "SourceCodester",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "MuhdFarhan (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown function of the file add_admin.php. Such manipulation leads to improper authorization. The attack may be launched remotely."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:ND/RL:ND/RC:ND",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T08:02:07.851Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-350535 | SourceCodester Web-based Pharmacy Product Management System add_admin.php improper authorization",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.350535"
},
{
"name": "VDB-350535 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.350535"
},
{
"name": "Submit #769781 | SourceCodester Web-based Pharmacy Product Management System 1.0 Improper Access Controls",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769781"
},
{
"tags": [
"product"
],
"url": "https://www.sourcecodester.com/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-11T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-11T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-11T20:12:45.000Z",
"value": "VulDB entry last update"
}
],
"title": "SourceCodester Web-based Pharmacy Product Management System add_admin.php improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4013",
"datePublished": "2026-03-12T08:02:07.851Z",
"dateReserved": "2026-03-11T19:07:39.747Z",
"dateUpdated": "2026-03-12T13:36:20.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-40869 (GCVE-0-2026-40869)
Vulnerability from cvelistv5 – Published: 2026-04-21 19:08 – Updated: 2026-04-21 19:35
VLAI
EPSS
VEX
Title
Decidim amendments can be accepted or rejected by anyone
Summary
Decidim is a participatory democracy framework. Starting in version 0.19.0 and prior to versions 0.30.5 and 0.31.1, a vulnerability allows any registered and authenticated user to accept or reject any amendments. The impact is on any users who have created proposals where the amendments feature is enabled. This also elevates the user accepting the amendment as the author of the original proposal as people amending proposals are provided coauthorship on the coauthorable resources. Versions 0.30.5 and 0.31.1 fix the issue. As a workaround, disable amendment reactions for the amendable component (e.g. proposals).
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/decidim/decidim/security/advis… | x_refsource_CONFIRM |
| https://github.com/decidim/decidim/commit/1b99136… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-40869",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-21T19:35:49.007349Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-21T19:35:55.139Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "decidim",
"vendor": "decidim",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.31.0.rc1, \u003c 0.31.1"
},
{
"status": "affected",
"version": "\u003e= 0.19.0, \u003c 0.30.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Decidim is a participatory democracy framework. Starting in version 0.19.0 and prior to versions 0.30.5 and 0.31.1, a vulnerability allows any registered and authenticated user to accept or reject any amendments. The impact is on any users who have created proposals where the amendments feature is enabled. This also elevates the user accepting the amendment as the author of the original proposal as people amending proposals are provided coauthorship on the coauthorable resources. Versions 0.30.5 and 0.31.1 fix the issue. As a workaround, disable amendment reactions for the amendable component (e.g. proposals)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266: Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-21T19:08:28.239Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/decidim/decidim/security/advisories/GHSA-w5xj-99cg-rccm",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/decidim/decidim/security/advisories/GHSA-w5xj-99cg-rccm"
},
{
"name": "https://github.com/decidim/decidim/commit/1b99136a1c7aa02616a0b54a6ab88d12907a57a9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/decidim/decidim/commit/1b99136a1c7aa02616a0b54a6ab88d12907a57a9"
}
],
"source": {
"advisory": "GHSA-w5xj-99cg-rccm",
"discovery": "UNKNOWN"
},
"title": "Decidim amendments can be accepted or rejected by anyone"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-40869",
"datePublished": "2026-04-21T19:08:28.239Z",
"dateReserved": "2026-04-15T15:57:41.718Z",
"dateUpdated": "2026-04-21T19:35:55.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4180 (GCVE-0-2026-4180)
Vulnerability from cvelistv5 – Published: 2026-03-15 13:32 – Updated: 2026-03-17 15:17 Unsupported When Assigned
VLAI
EPSS
VEX
Title
D-Link DIR-816 goahead redirect.asp access control
Summary
A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown function of the file redirect.asp of the component goahead. The manipulation of the argument token_id leads to improper access controls. The attack may be initiated remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.351084 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.351084 | signaturepermissions-required |
| https://vuldb.com/?submit.769828 | third-party-advisory |
| https://github.com/wudipjq/my_vuln/blob/main/D-Li… | exploit |
| https://www.dlink.com/ | product |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4180",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-17T15:17:01.474186Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-17T15:17:11.342Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"goahead"
],
"product": "DIR-816",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "1.10CNB05"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pjqwudi (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown function of the file redirect.asp of the component goahead. The manipulation of the argument token_id leads to improper access controls. The attack may be initiated remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T13:32:10.207Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351084 | D-Link DIR-816 goahead redirect.asp access control",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351084"
},
{
"name": "VDB-351084 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351084"
},
{
"name": "Submit #769828 | D-Link DIR816 1.10CNB05 Improper Access Controls",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769828"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link7/vuln_84/84.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-14T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-14T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-14T23:02:14.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DIR-816 goahead redirect.asp access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4180",
"datePublished": "2026-03-15T13:32:10.207Z",
"dateReserved": "2026-03-14T21:56:54.201Z",
"dateUpdated": "2026-03-17T15:17:11.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4193 (GCVE-0-2026-4193)
Vulnerability from cvelistv5 – Published: 2026-03-15 23:02 – Updated: 2026-03-16 14:40 Unsupported When Assigned
VLAI
EPSS
VEX
Title
D-Link DIR-823G goahead UpdateClientInfo access control
Summary
A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05. The affected element is the function GetDDNSSettings/GetDeviceDomainName/GetDeviceSettings/GetDMZSettings/GetFirewallSettings/GetGuestNetworkSettings/GetLanWanConflictInfo/GetLocalMacAddress/GetNetworkSettings/GetQoSSettings/GetRouterInformationSettings/GetRouterLanSettings/GetWanSettings/SetAccessCtlList/SetAccessCtlSwitch/SetDeviceSettings/SetGuestWLanSettings/SetIPv4FirewallSettings/SetNetworkSettings/SetNetworkTomographySettings/SetNTPServerSettings/SetRouterLanSettings/SetStaticClientInfo/SetStaticRouteSettings/SetWLanRadioSecurity/SetWPSSettings/UpdateClientInfo of the component goahead. Such manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.351105 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.351105 | signaturepermissions-required |
| https://vuldb.com/?submit.769835 | third-party-advisory |
| https://vuldb.com/?submit.769836 | third-party-advisory |
| https://vuldb.com/?submit.769837 | third-party-advisory |
| https://vuldb.com/?submit.769838 | third-party-advisory |
| https://vuldb.com/?submit.769839 | third-party-advisory |
| https://vuldb.com/?submit.769841 | third-party-advisory |
| https://github.com/wudipjq/my_vuln/blob/main/D-Li… | related |
| https://github.com/wudipjq/my_vuln/blob/main/D-Li… | exploit |
| https://www.dlink.com/ | product |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4193",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T14:33:07.803381Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T14:40:35.349Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"goahead"
],
"product": "DIR-823G",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "1.0.2B05"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pjqwudi (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05. The affected element is the function GetDDNSSettings/GetDeviceDomainName/GetDeviceSettings/GetDMZSettings/GetFirewallSettings/GetGuestNetworkSettings/GetLanWanConflictInfo/GetLocalMacAddress/GetNetworkSettings/GetQoSSettings/GetRouterInformationSettings/GetRouterLanSettings/GetWanSettings/SetAccessCtlList/SetAccessCtlSwitch/SetDeviceSettings/SetGuestWLanSettings/SetIPv4FirewallSettings/SetNetworkSettings/SetNetworkTomographySettings/SetNTPServerSettings/SetRouterLanSettings/SetStaticClientInfo/SetStaticRouteSettings/SetWLanRadioSecurity/SetWPSSettings/UpdateClientInfo of the component goahead. Such manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:W/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T23:02:10.715Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351105 | D-Link DIR-823G goahead UpdateClientInfo access control",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351105"
},
{
"name": "VDB-351105 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351105"
},
{
"name": "Submit #769835 | D-Link 1.0.2B05 Improper Access Controls",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769835"
},
{
"name": "Submit #769836 | D-Link DIR823G 1.0.2B05 Improper Access Controls (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769836"
},
{
"name": "Submit #769837 | D-Link DIR823G 1.0.2B05 Improper Access Controls (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769837"
},
{
"name": "Submit #769838 | D-Link DIR823G 1.0.2B05 Improper Access Controls (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769838"
},
{
"name": "Submit #769839 | D-Link DIR823G 1.0.2B05 Stack-based Buffer Overflow (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769839"
},
{
"name": "Submit #769841 | D-Link DIR823G 1.0.2B05 Improper Access Controls (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769841"
},
{
"tags": [
"related"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link7/vuln_91/91.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link7/vuln_92/92.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T09:12:43.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DIR-823G goahead UpdateClientInfo access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4193",
"datePublished": "2026-03-15T23:02:10.715Z",
"dateReserved": "2026-03-15T08:07:31.639Z",
"dateUpdated": "2026-03-16T14:40:35.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4194 (GCVE-0-2026-4194)
Vulnerability from cvelistv5 – Published: 2026-03-15 23:02 – Updated: 2026-03-16 14:40
VLAI
EPSS
VEX
Title
D-Link DNS-1550-04 system_mgr.cgi cgi_set_wto access control
Summary
A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function cgi_set_wto of the file /cgi-bin/system_mgr.cgi. Performing a manipulation results in improper access controls. Remote exploitation of the attack is possible. The exploit is now public and may be used.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.351106 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.351106 | signaturepermissions-required |
| https://vuldb.com/?submit.769853 | third-party-advisory |
| https://github.com/wudipjq/my_vuln/blob/main/D-Li… | exploit |
| https://www.dlink.com/ | product |
Impacted products
20 products
| Vendor | Product | Version | |
|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|
| D-Link | DNR-202L |
Affected:
20260205
|
|
| D-Link | DNS-315L |
Affected:
20260205
|
|
| D-Link | DNS-320 |
Affected:
20260205
|
|
| D-Link | DNS-320L |
Affected:
20260205
|
|
| D-Link | DNS-320LW |
Affected:
20260205
|
|
| D-Link | DNS-321 |
Affected:
20260205
|
|
| D-Link | DNR-322L |
Affected:
20260205
|
|
| D-Link | DNS-323 |
Affected:
20260205
|
|
| D-Link | DNS-325 |
Affected:
20260205
|
|
| D-Link | DNS-326 |
Affected:
20260205
|
|
| D-Link | DNS-327L |
Affected:
20260205
|
|
| D-Link | DNR-326 |
Affected:
20260205
|
|
| D-Link | DNS-340L |
Affected:
20260205
|
|
| D-Link | DNS-343 |
Affected:
20260205
|
|
| D-Link | DNS-345 |
Affected:
20260205
|
|
| D-Link | DNS-726-4 |
Affected:
20260205
|
|
| D-Link | DNS-1100-4 |
Affected:
20260205
|
|
| D-Link | DNS-1200-05 |
Affected:
20260205
|
|
| D-Link | DNS-1550-04 |
Affected:
20260205
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4194",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T14:32:18.747756Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T14:40:35.694Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pjq123 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function cgi_set_wto of the file /cgi-bin/system_mgr.cgi. Performing a manipulation results in improper access controls. Remote exploitation of the attack is possible. The exploit is now public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:W/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T23:02:14.929Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351106 | D-Link DNS-1550-04 system_mgr.cgi cgi_set_wto access control",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351106"
},
{
"name": "VDB-351106 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351106"
},
{
"name": "Submit #769853 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Authentication Bypass Issues",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769853"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_96/96.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T09:27:48.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 system_mgr.cgi cgi_set_wto access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4194",
"datePublished": "2026-03-15T23:02:14.929Z",
"dateReserved": "2026-03-15T08:22:37.852Z",
"dateUpdated": "2026-03-16T14:40:35.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-42368 (GCVE-0-2026-42368)
Vulnerability from cvelistv5 – Published: 2026-05-04 00:45 – Updated: 2026-06-15 19:19
VLAI
EPSS
VEX
Title
GeoVision LPC2011/LPC2211 Web Interface privilege escalation vulnerability
Summary
A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability.
Severity
9.9 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-266 - Incorrect privilege assignment
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.geovision.com.tw/cyber_security.php | vendor-advisory |
| https://https://talosintelligence.com/vulnerabili… | third-party-advisory |
| https://www.talosintelligence.com/vulnerability_r… |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| GeoVision Inc. | GV-LPC2011/LPC2211 |
Affected:
1.10
Unaffected: 1.2 |
Date Public
2026-04-26 23:19
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-42368",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-04T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-05T03:56:15.127Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-06-15T19:19:05.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2026-2329"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "GV-LPC2011/LPC2211",
"vendor": "GeoVision Inc.",
"versions": [
{
"status": "affected",
"version": "1.10"
},
{
"status": "unaffected",
"version": "1.2"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:geovision_inc.:gv-lpc2011_lpc2211:1.10:*:linux:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:geovision_inc.:gv-lpc2011_lpc2211:1.2:*:linux:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Philippe Laulheret of Cisco Talos."
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Kelly Patterson of Cisco Talos."
},
{
"lang": "en",
"type": "coordinator",
"value": "Martin Zeiser of Cisco Talos."
}
],
"datePublic": "2026-04-26T23:19:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability."
}
],
"value": "A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect privilege assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T00:45:53.668Z",
"orgId": "0df08a0e-a200-4957-9bb0-084f562506f9",
"shortName": "GV"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.geovision.com.tw/cyber_security.php"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://https://talosintelligence.com/vulnerability_reports/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "GeoVision GV-LPC2011/LPC2211 V1.12-260330 has patched the reported vulnerability.\u0026nbsp;\u003cbr\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eThe user may visit the GeoVision website or contact the GeoVision Support team for firmware update.\u0026nbsp;\u0026nbsp;\u003c/div\u003e"
}
],
"value": "GeoVision GV-LPC2011/LPC2211 V1.12-260330 has patched the reported vulnerability.\u00a0\n\n\n\nThe user may visit the GeoVision website or contact the GeoVision Support team for firmware update."
}
],
"source": {
"advisory": "TALOS-2026-2329",
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2026-02-17T01:21:00.000Z",
"value": "Initial Vendor Contact"
}
],
"title": "GeoVision LPC2011/LPC2211 Web Interface privilege escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "0df08a0e-a200-4957-9bb0-084f562506f9",
"assignerShortName": "GV",
"cveId": "CVE-2026-42368",
"datePublished": "2026-05-04T00:45:53.668Z",
"dateReserved": "2026-04-26T23:39:08.350Z",
"dateUpdated": "2026-06-15T19:19:05.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation ID: MIT-1
Phases: Architecture and Design, Operation
Description:
- Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation ID: MIT-17
Phases: Architecture and Design, Operation
Strategy: Environment Hardening
Description:
- Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.