CVE-2026-1734
Authorization Bypass in Zhong Bang CRMEB Crontab Endpoint
Publication date: 2026-02-02
Last updated on: 2026-02-11
Assigner: VulDB
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| crmeb | crmeb | up to and including 5.6.3 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-863 | The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. |
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability in Zhong Bang CRMEB allows unauthorized remote access to cron job endpoints due to missing authorization controls. This can lead to unauthorized actions that impact the integrity of the system.
Such unauthorized access and potential manipulation of system functions could result in non-compliance with common security requirements found in standards and regulations like GDPR and HIPAA, which mandate proper access controls and protection of system integrity to safeguard sensitive data.
However, the provided information does not explicitly mention any direct impact or assessment related to compliance with these standards.
Can you explain this vulnerability to me?
This vulnerability is an authorization bypass flaw in Zhong Bang CRMEB up to version 5.6.3, specifically in the crontab endpoint handled by the CrontabController.php file. Due to missing authorization checks, attackers can remotely access and invoke cron job-related endpoints without any authentication, allowing them to perform unauthorized actions. [1, 3]
How can this vulnerability impact me?
Exploitation of this vulnerability can lead to unauthorized actions such as malicious order cancellations, forced delivery confirmations, and disruptions to the distribution system. This impacts the integrity and operation of the affected system, potentially causing significant operational issues. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by scanning for the presence of the vulnerable endpoint path crmeb/app/api/controller/v1/CrontabController.php on your system or network. One method is to use Google dorking with the query inurl:crmeb/app/api/controller/v1/CrontabController.php to identify exposed instances. Additionally, you can use HTTP clients such as curl or wget to send requests to the suspected endpoint and observe whether it responds without authentication. For example, a command like `curl -i http://target/crmeb/app/api/controller/v1/CrontabController.php` can be used to check if the endpoint is accessible and responds without authorization. Monitoring web server logs for unexpected access to this endpoint may also help detect exploitation attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable crontab endpoint by implementing network-level controls, such as firewall or reverse-proxy rules that block external access to crmeb/app/api/controller/v1/CrontabController.php. Since no vendor patch or official fix is available, it is recommended to replace or upgrade the affected component or product to a version that does not contain this vulnerability. Additionally, monitor your system for any suspicious activity related to cron job endpoints and consider disabling or limiting the use of these endpoints until a secure fix is applied. [1]
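The log-monitoring step above can be automated with a small script that flags requests to the crontab endpoint path from sources that are not expected to trigger scheduled tasks. This is an added example, not code from CRMEB or from the advisory; the trusted network ranges and the log lines are constructed assumptions (Combined Log Format as written by nginx or Apache by default).

```python
import ipaddress
import re

# Endpoint path as named in the advisory.
CRONTAB_PATH = "/crmeb/app/api/controller/v1/CrontabController.php"

# Assumption: only these internal ranges are allowed to trigger cron endpoints.
TRUSTED_NETS = [ipaddress.ip_network("127.0.0.0/8"), ipaddress.ip_network("10.0.0.0/8")]

# Combined Log Format; capture only the fields the check needs.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)


def is_trusted(ip: str) -> bool:
    """True if the client address falls inside an allow-listed internal range."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in TRUSTED_NETS)


def find_crontab_hits(lines):
    """Return one finding per crontab-endpoint request from an untrusted source.

    A 2xx response from an untrusted client is the strongest indicator that the
    missing authorization check was reached; other statuses are still reported
    so that probing attempts remain visible.
    """
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in Combined Log Format
        path = m["path"].split("?", 1)[0]  # ignore query string when matching
        if CRONTAB_PATH not in path or is_trusted(m["ip"]):
            continue
        status = int(m["status"])
        findings.append({"ip": m["ip"], "ts": m["ts"], "method": m["method"],
                         "status": status, "succeeded": 200 <= status < 300})
    return findings


# Constructed sample access-log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [02/Feb/2026:10:15:01 +0000] "GET /crmeb/app/api/controller/v1/CrontabController.php HTTP/1.1" 200 512 "-" "curl/8.5.0"',
    '10.0.0.5 - - [02/Feb/2026:10:16:00 +0000] "GET /crmeb/app/api/controller/v1/CrontabController.php?task=order HTTP/1.1" 200 128 "-" "internal-cron/1.0"',
    '198.51.100.9 - - [02/Feb/2026:10:17:30 +0000] "POST /api/order/list HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    'not a log line',
]

if __name__ == "__main__":
    for hit in find_crontab_hits(SAMPLE_LOG):
        print(hit)
```

Run it against your real access log by replacing SAMPLE_LOG with the file's lines; any finding with `succeeded` set to True warrants the order and delivery records for that time window to be reviewed.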