CVE-2026-2075
Improper Access Control in Yeqifu Role-Permission Handler

Publication date: 2026-02-07

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected is the function saveRolePermission of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role-Permission Binding Handler. The manipulation results in improper access controls. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. This product takes the approach of rolling releases to provide continuous delivery; therefore, version details for affected and updated releases are not available. The project was informed of the problem early through an issue report but has not responded yet.
Meta Information
  • Published: 2026-02-07
  • Last Modified: 2026-04-29
  • Generated: 2026-05-27
  • AI Q&A: 2026-02-07
  • EPSS Evaluated: 2026-05-25
  • External references: NVD, EUVD
Affected Vendors & Products
Showing 1 associated CPE
  • Vendor: yeqifu
  • Product: warehouse
  • Version / Range: up to 2025-10-06 (inclusive)
CWE
  • CWE-266: A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
  • CWE-284: The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-2075 is a critical authorization vulnerability in the yeqifu warehouse application, specifically in the saveRolePermission method of the RoleController.java component. This method allows modification of role permissions without performing any authorization checks, meaning any authenticated user can escalate their privileges by arbitrarily expanding permissions for any role.

As a result, attackers can grant themselves high-risk permissions, including user, role, and permission management capabilities. This flaw breaks the application's authorization model, enabling persistent privilege escalation and broad unauthorized access to sensitive data and administrative functions. [1, 4]


How can this vulnerability impact me?

This vulnerability allows an attacker with any authenticated user account to escalate their privileges to high-risk roles, granting them broad access to sensitive data and administrative actions.

  • Unauthorized modification of role-permission bindings.
  • Persistent privilege escalation.
  • Compromise of confidentiality, integrity, and availability of the system.
  • Potential full control over user, role, and permission management.

Because the exploit is publicly available and the vulnerability can be triggered remotely, the risk of attack is significant.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring for unauthorized or suspicious POST requests to the endpoint /role/saveRolePermission, which is used to modify role-permission bindings.

A low-privileged authenticated user sending a crafted POST request with parameters specifying role IDs and permission IDs without proper authorization checks indicates exploitation attempts.

To detect this on your system, you can analyze web server logs or use network monitoring tools to look for POST requests to /role/saveRolePermission with unusual or unexpected parameters.

  • Use command-line tools like curl or wget to simulate or detect such requests.
  • Example command to test the endpoint (replace session cookie and parameters accordingly):
    curl -X POST https://yourserver/role/saveRolePermission -H "Cookie: JSESSIONID=your_session_id" -H "Content-Type: application/x-www-form-urlencoded" -d "rid=target_role_id&ids=permission_id1,permission_id2"
  • Check logs for such requests from unexpected users or IP addresses. [4]


What immediate steps should I take to mitigate this vulnerability?

Currently, there are no known patches or mitigations provided by the yeqifu warehouse project as it has not responded to the vulnerability report.

Immediate mitigation steps include restricting access to the /role/saveRolePermission endpoint to only highly trusted users or administrators, possibly via network-level controls such as firewalls or web application firewalls (WAF).

Monitor and audit all role-permission modification activities closely to detect unauthorized changes.

Consider disabling or limiting the use of the Role-Permission Binding Handler functionality until a fix is available.

Evaluate alternative products or solutions that do not have this vulnerability.

