CVE-2026-21880

# LDAP Injection PoC for CVE-2026-21880 username = "admin)(|(password=*" # 构造的输入会导致LDAP查询返回所有用户

{"cve": {"id": "CVE-2026-21880", "sourceIdentifier": "[email protected]", "published": "2026-01-08T02:15:53.650", "lastModified": "2026-01-20T18:38:16.523", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Kanboard is project management software focused on Kanban methodology. Versions 1.2.48 and below have an LDAP Injection vulnerability in the LDAP authentication mechanism. User-supplied input is directly substituted into LDAP search filters without proper sanitization, allowing attackers to enumerate all LDAP users, discover sensitive user attributes, and perform targeted attacks against specific accounts. This issue is fixed in version 1.2.49."}, {"lang": "es", "value": "Kanboard es un software de gestión de proyectos enfocado en la metodología Kanban. Las versiones 1.2.48 e inferiores tienen una vulnerabilidad de inyección LDAP en el mecanismo de autenticación LDAP. La entrada proporcionada por el usuario se sustituye directamente en los filtros de búsqueda LDAP sin una sanitización adecuada, permitiendo a los atacantes enumerar todos los usuarios LDAP, descubrir atributos de usuario sensibles y realizar ataques dirigidos contra cuentas específicas. Este problema se corrige en la versión 1.2.49."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-90"}, {"lang": "en", "value": "CWE-200"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:kanboard:kanboard:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.2.49", "matchCriteriaId": "AFA1D972-E76A-4A20-95F5-68D9915D3797"}]}]}], "references": [{"url": "https://github.com/kanboard/kanboard/commit/dd374079f7c2d1dab74c1680960e684ff8668586", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/kanboard/kanboard/releases/tag/v1.2.49", "source": "[email protected]", "tags": ["Release Notes"]}, {"url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-v66r-m28r-wmq7", "source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"]}, {"url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-v66r-m28r-wmq7", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Vendor Advisory"]}]}}