CVE-2026-30403

{"id": "CVE-2026-30403", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2026-03-19T17:16:23.950", "references": [{"url": "https://github.com/TTTlw1024/qwe/issues/2", "tags": ["Exploit", "Issue Tracking"], "source": "cve@mitre.org"}, {"url": "https://github.com/tianshiyeben/wgcloud/issues/97", "tags": ["Issue Tracking"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "There is an arbitrary file read vulnerability in the test connection function of backend database management in wgcloud v3.6.3 and before, which can be used to read any file on the victim's server."}, {"lang": "es", "value": "Hay una vulnerabilidad de lectura arbitraria de archivos en la funci\u00f3n de prueba de conexi\u00f3n de la gesti\u00f3n de bases de datos de backend en wgcloud v3.6.3 y versiones anteriores, que puede ser utilizada para leer cualquier archivo en el servidor de la v\u00edctima."}], "lastModified": "2026-04-02T12:19:47.237", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wgstart:wgcloud:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE012BD6-0C9B-4F63-957E-78C9565F977C", "versionEndIncluding": "3.6.3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}