CVE-2026-22194
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-09

Last updated on: 2026-01-09

Assigner: VulnCheck

Description
GestSup versions up to and including 3.2.56 contain a cross-site request forgery (CSRF) vulnerability where the application does not verify the authenticity of client requests. An attacker can induce a logged-in user to submit crafted requests that perform actions with the victim's privileges. This can be exploited to create privileged accounts by targeting the administrative user creation endpoint.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-09
Last Modified
2026-01-09
Generated
2026-06-16
AI Q&A
2026-01-10
EPSS Evaluated
2026-06-15
NVD
CVE-2026-22194
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
gestsup gestsup to 3.2.56 (inc)
gestsup gestsup From 3.2.45 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-352 The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-22194 is a Cross-Site Request Forgery (CSRF) vulnerability in GestSup versions up to and including 3.2.56. The application does not verify the authenticity of client requests, allowing an attacker to trick a logged-in user into submitting malicious requests that execute actions with the victim's privileges. This can be exploited to create privileged accounts by targeting the administrative user creation endpoint. [2]

Impact Analysis

This vulnerability can allow an attacker to perform privileged actions on behalf of a logged-in user without their consent, including creating privileged accounts. This can lead to unauthorized access, potential data breaches, and compromise of system integrity and availability. [2]

Detection Guidance

Detection of this CSRF vulnerability involves monitoring for unauthorized or suspicious requests to the administrative user creation endpoint, especially those that could create privileged accounts without proper authentication. Since the vulnerability requires a logged-in user to be tricked into submitting crafted requests, network detection could focus on unusual POST requests to the admin user creation URL. Specific commands depend on your environment, but generally, you can use web server access logs or network traffic analysis tools. For example, using grep on server logs to find POST requests to the user creation endpoint: grep 'POST /admin/user/create' /var/log/apache2/access.log or using tools like Wireshark or tcpdump to capture HTTP traffic and filter for suspicious requests. Additionally, checking for unexpected new privileged accounts in the GestSup application can indicate exploitation attempts. [2]

Mitigation Strategies

Immediate mitigation steps include upgrading GestSup to version 3.2.45 or later, as these versions contain security updates that address CVE-2026-22194. Additionally, enabling and enforcing multi-factor authentication (MFA) for all users, especially administrators, can reduce risk. Implementing proper CSRF protections such as verifying authenticity tokens on client requests and monitoring administrative endpoints for suspicious activity are also recommended. Restricting access to the administrative user creation endpoint and educating users to avoid clicking on untrusted links can help prevent exploitation. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-22194. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart