CVE-2026-1196

Опубликовано: 20 янв. 2026

Источник: nvd

CVSS3: 3.1

CVSS3: 5.3

CVSS2: 2.1

EPSS Низкий

Описание

A security vulnerability has been detected in MineAdmin 1.x/2.x. Affected is an unknown function of the file /system/getFileInfoById. Such manipulation of the argument ID leads to information disclosure. It is possible to launch the attack remotely. The attack requires a high level of complexity. The exploitability is told to be difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Ссылки

https://github.com/SourByte05/MineAdmin-Vulnerability/issues/3
Exploit
Issue Tracking
Mitigation
Third Party Advisory
https://vuldb.com/?ctiid.341781
Permissions Required
VDB Entry
https://vuldb.com/?id.341781
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.734273
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mineadmin:mineadmin:1.0:*:*:*:*:*:*:*

cpe:2.3:a:mineadmin:mineadmin:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 8%

0.00031

Низкий

3.1 Low

CVSS3

5.3 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-wq8p-q8cq-94w5

CVSS3: 3.1

github

18 дней назад

MineAdmin May Expose Sensitive Information to an Unauthorized Actor

EPSS

Процентиль: 8%

0.00031

Низкий

3.1 Low

CVSS3

5.3 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200