9.8
CVE-2026-28808
- EPSS 0.53%
- Veröffentlicht 07.04.2026 12:28:16
- Zuletzt bearbeitet 30.06.2026 03:18:03
- Quelle 6b3ad84c-e1a6-4bf7-a703-f496b7
- CVE-Watchlists
- Unerledigt
ScriptAlias CGI targets bypass directory auth in inets httpd (mod_auth vs mod_cgi path mismatch)
Incorrect Authorization vulnerability in Erlang OTP (inets modules) allows unauthenticated access to CGI scripts protected by directory rules when served via script_alias. When script_alias maps a URL prefix to a directory outside DocumentRoot, mod_auth evaluates directory-based access controls against the DocumentRoot-relative path while mod_cgi executes the script at the ScriptAlias-resolved path. This path mismatch allows unauthenticated access to CGI scripts that directory rules were meant to protect. This vulnerability is associated with program files lib/inets/src/http_server/mod_alias.erl, lib/inets/src/http_server/mod_auth.erl, and lib/inets/src/http_server/mod_cgi.erl. This issue affects OTP from OTP 17.0 until OTP 28.4.2, 27.3.4.10 and 26.2.5.19 corresponding to inets from 5.10 until 9.6.2, 9.3.2.4 and 9.1.0.6.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.53% | 0.407 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| 6b3ad84c-e1a6-4bf7-a703-f496b71e49db | 8.3 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 7.4 | 2.2 | 5.2 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-551 Incorrect Behavior Order: Authorization Before Parsing and Canonicalization
If a web server does not fully parse requested URLs before it examines them for authorization, it may be possible for an attacker to bypass authorization protection.
CWE-863 Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
https://www.erlang.org/doc/system/versions.html#order-of-versions
https://github.com/erlang/otp/security/advisories/GHSA-3vhp-h532-mc3f
https://cna.erlef.org/cves/CVE-2026-28808.html
https://osv.dev/vulnerability/EEF-CVE-2026-28808
https://github.com/erlang/otp/commit/8fc71ac6af4fbcc54103bec2983ef22e82942688
https://github.com/erlang/otp/commit/9dfa0c51eac97866078e808dec2183cb7871ff7c
https://access.redhat.com/security/cve/CVE-2026-28808
https://bugzilla.redhat.com/show_bug.cgi?id=2455909
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28808.json