CVE-2026-5251 in z-9527 admin情報

要約 (英語)

A vulnerability was identified in z-9527 admin 1.0/2.0. This impacts an unknown function of the file /server/routes/user.js of the component User Update Endpoint. Such manipulation of the argument isAdmin with the input 1 leads to dynamically-determined object attributes. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

公開

2026年04月01日

エントリ

VulDB provides additional information and datapoints for this CVE:

識別子脆弱性CWE悪用可対策CVE
354441z-9527 admin User Update user.js 特権昇格915概念実証未定義CVE-2026-5251

説明

CPE

CWE

CVSS

エクスプロイト

履歴

差分

リンクする

脅威インテリジェンス

API JSON

API XML

API CSV

概要

Do you know our Splunk app?

Download it now for free!