CVE-2026-32756

{"id": "CVE-2026-32756", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2026-03-20T00:16:16.763", "references": [{"url": "https://github.com/Admidio/admidio/releases/tag/v5.0.7", "tags": ["Patch", "Product"], "source": "security-advisories@github.com"}, {"url": "https://github.com/Admidio/admidio/security/advisories/GHSA-95cq-p4w2-32w5", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "Admidio is an open-source user management solution. Versions 5.0.6 and below contain a critical unrestricted file upload vulnerability in the Documents & Files module. Due to a design flaw in how CSRF token validation and file extension verification interact within UploadHandlerFile.php, an authenticated user with upload permissions can bypass file extension restrictions by intentionally submitting an invalid CSRF token. This allows the upload of arbitrary file types, including PHP scripts, which may lead to Remote Code Execution on the server, resulting in full server compromise, data exfiltration, and lateral movement. This issue has been fixed in version 5.0.7."}, {"lang": "es", "value": "Admidio es una soluci\u00f3n de gesti\u00f3n de usuarios de c\u00f3digo abierto. Las versiones 5.0.6 e inferiores contienen una cr\u00edtica vulnerabilidad de carga de archivos sin restricciones en el m\u00f3dulo Documentos y Archivos. Debido a un fallo de dise\u00f1o en c\u00f3mo la validaci\u00f3n del token CSRF y la verificaci\u00f3n de la extensi\u00f3n de archivo interact\u00faan dentro de UploadHandlerFile.php, un usuario autenticado con permisos de carga puede eludir las restricciones de extensi\u00f3n de archivo al enviar intencionadamente un token CSRF no v\u00e1lido. Esto permite la carga de tipos de archivo arbitrarios, incluyendo scripts PHP, lo que puede conducir a la ejecuci\u00f3n remota de c\u00f3digo en el servidor, resultando en un compromiso total del servidor, exfiltraci\u00f3n de datos y movimiento lateral. Este problema ha sido solucionado en la versi\u00f3n 5.0.7."}], "lastModified": "2026-03-23T16:51:44.110", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:admidio:admidio:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3347E657-D132-4D87-A355-391136657A27", "versionEndExcluding": "5.0.7"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}