CVE-2026-2076
Improper Authorization in Yeqifu User Management Endpoint

Publication date: 2026-02-07

Last updated on: 2026-04-29

Assigner: VulDB

Description
A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this vulnerability are the functions addUser/updateUser/deleteUser of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\UserController.java of the component User Management Endpoint. This manipulation causes improper authorization. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. Continuous delivery with rolling releases is used by this product; therefore, no version details of affected or updated releases are available. The project was informed of the problem early through an issue report but has not responded yet.
Meta Information
Published: 2026-02-07
Last Modified: 2026-04-29
Generated: 2026-05-07
AI Q&A: 2026-02-07
EPSS Evaluated: 2026-05-05
Affected Vendors & Products (1 associated CPE)
Vendor: yeqifu
Product: warehouse
Version / Range: up to 2025-10-06 (inclusive)
CWE ID Description
CWE-285 The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring and testing the user management endpoints for improper authorization. Specifically, attempts to invoke the addUser, updateUser, or deleteUser functions without proper permissions indicate the presence of the vulnerability.

Suggested commands include sending HTTP requests to the affected endpoints to verify if unauthorized actions are possible. For example, using curl to test deletion of a user by ID without proper authorization:

  • curl -X POST http://<target>/user/deleteUser/19 -b cookie.txt

Where '19' is the user ID to delete and 'cookie.txt' contains authentication cookies of a low-privileged user. If the request succeeds and the user is deleted, the vulnerability exists.

Similarly, testing creation or update of users via POST requests to /user/addUser or /user/updateUser endpoints without proper authorization checks can confirm the vulnerability. [2]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


What immediate steps should I take to mitigate this vulnerability?

Currently, no patches or official mitigations are available for this vulnerability as the vendor has not responded or provided countermeasures.

Immediate steps to mitigate the risk include:

  • Restrict access to the user management endpoints (addUser, updateUser, deleteUser) to trusted administrators only, for example by network segmentation or firewall rules.
  • Implement additional access control mechanisms externally, such as API gateways or reverse proxies enforcing role-based access control.
  • Monitor logs for suspicious activity involving user management endpoints to detect exploitation attempts.
  • Consider replacing the affected component with an alternative product that properly enforces authorization.
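For the third step, monitoring logs, here is an added example (it is not from the advisory and not part of the yeqifu project) that scans access-log lines for the three user-management paths and reports any request that did not originate from an assumed administrator subnet. The combined-style log format, the 10.0.0.x admin network, the client addresses and the sample lines are all constructed for the example.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/**
 * Added example, not code from the advisory or the project: flags requests to
 * /user/addUser, /user/updateUser and /user/deleteUser that come from outside an
 * assumed administrator network. Everything below (format, subnet, lines) is
 * constructed for illustration.
 */
public class UserEndpointMonitor {
    // Combined-style access log: client, ident, user, [time], "METHOD PATH PROTO", status
    private static final Pattern LINE = Pattern.compile(
        "^(\\S+) \\S+ (\\S+) \\[[^\\]]+\\] \"(\\S+) (\\S+) [^\"]*\" (\\d{3})");

    // The three endpoints named in the advisory, with or without a trailing id or query.
    private static final Pattern SENSITIVE = Pattern.compile(
        "^/user/(addUser|updateUser|deleteUser)(/|\\?|$)");

    // Assumption for the example: administrators only manage users from 10.0.0.0/24.
    private static final Set<String> ADMIN_PREFIXES = Set.of("10.0.0.");

    /** Returns one line per suspicious request: client, method, path, status. */
    public static List<String> suspicious(List<String> lines) {
        List<String> hits = new ArrayList<>();
        for (String line : lines) {
            Matcher m = LINE.matcher(line);
            if (!m.find()) continue;                       // not a parseable access-log line
            String client = m.group(1);
            String method = m.group(3);
            String path = m.group(4);
            String status = m.group(5);
            if (!SENSITIVE.matcher(path).find()) continue; // not a user-management endpoint
            boolean fromAdminNet = ADMIN_PREFIXES.stream().anyMatch(client::startsWith);
            if (fromAdminNet) continue;
            // A 2xx from outside the admin network means the action went through
            // without any authorization check; anything else is still a probe worth noting.
            String verdict = status.startsWith("2") ? " (SUCCEEDED)" : "";
            hits.add(client + " " + method + " " + path + " -> " + status + verdict);
        }
        return hits;
    }

    public static void main(String[] args) {
        List<String> sample = List.of( // constructed sample lines, not real traffic
            "10.0.0.5 - admin [07/Feb/2026:10:00:01 +0000] \"POST /user/addUser HTTP/1.1\" 200 12",
            "203.0.113.7 - - [07/Feb/2026:10:02:13 +0000] \"POST /user/deleteUser/19 HTTP/1.1\" 200 7",
            "203.0.113.7 - - [07/Feb/2026:10:02:20 +0000] \"GET /index HTTP/1.1\" 200 840",
            "198.51.100.9 - - [07/Feb/2026:10:05:41 +0000] \"POST /user/updateUser HTTP/1.1\" 403 0");
        suspicious(sample).forEach(System.out::println);
        // Prints:
        // 203.0.113.7 POST /user/deleteUser/19 -> 200 (SUCCEEDED)
        // 198.51.100.9 POST /user/updateUser -> 403
    }
}
```

A 2xx on one of these paths from outside the administrator network is the signal to treat as a confirmed unauthorized change and to reconcile the user table against a known-good copy; a 403 or 401 shows a probe that was stopped, which is what you expect to see once a reverse-proxy rule from step one or two is in place.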

Can you explain this vulnerability to me?

CVE-2026-2076 is an improper authorization vulnerability in the yeqifu warehouse project, specifically affecting the User Management Endpoint in the UserController.java file. The functions addUser, updateUser, and deleteUser lack proper authorization checks, allowing any authenticated user to perform critical user management operations without verifying their permissions.

This flaw enables unauthorized users to create new user accounts, modify existing user details, or delete users, including administrative accounts. The vulnerability is remotely exploitable with low attack complexity, and a proof-of-concept exploit is publicly available.
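The controller pattern behind this class of flaw, and the server-side check that closes it, as an added example. This is not the yeqifu warehouse code and not the project's fix: the session attribute name "principal", the UserService interface, the Principal type, the "Unsafe" route name and the role model are assumptions for illustration; only the POST /user/deleteUser/{id} shape follows the curl probe in the detection answer above.

```java
package example.authz; // hypothetical package, not the project's

import javax.servlet.http.HttpSession;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * Added illustration of CWE-285 in a user-management handler. NOT the yeqifu
 * warehouse code: the session attribute, the service interface, the Principal
 * type and the role names are assumptions for the example.
 */
@RestController
@RequestMapping("/user")
public class UserManagementExample {

    /** Hypothetical persistence service; the real project has its own. */
    public interface UserService {
        void deleteById(long id);
    }

    /** Minimal principal for the example; a real app uses its own user/role model. */
    public static final class Principal {
        private final String name;
        private final boolean admin;
        public Principal(String name, boolean admin) { this.name = name; this.admin = admin; }
        public String getName() { return name; }
        public boolean isAdmin() { return admin; }
    }

    private final UserService userService;

    public UserManagementExample(UserService userService) {
        this.userService = userService;
    }

    // VULNERABLE pattern: the handler only checks that *someone* is logged in,
    // never *who*. Any authenticated session can delete any user, which is the
    // behaviour the curl probe (POST /user/deleteUser/19 -b cookie.txt) looks for.
    @PostMapping("/deleteUserUnsafe/{id}")
    public ResponseEntity<String> deleteUserUnsafe(@PathVariable long id, HttpSession session) {
        if (session.getAttribute("principal") == null) {          // assumed attribute name
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("login required");
        }
        userService.deleteById(id);                               // no authorization check
        return ResponseEntity.ok("deleted");
    }

    // HARDENED pattern: the decision is made server-side, per request, from the
    // role stored with the session principal, never from anything the client sends.
    @PostMapping("/deleteUser/{id}")
    public ResponseEntity<String> deleteUser(@PathVariable long id, HttpSession session) {
        Principal caller = (Principal) session.getAttribute("principal"); // assumed attribute name
        if (caller == null) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("login required");
        }
        if (!caller.isAdmin()) {
            // Denied attempts on this endpoint are exactly what the mitigation
            // answer recommends monitoring; log caller.getName() and id here.
            return ResponseEntity.status(HttpStatus.FORBIDDEN).body("admin role required");
        }
        userService.deleteById(id);
        return ResponseEntity.ok("deleted");
    }
}
```

The same guard belongs on addUser and updateUser; putting it in an interceptor or a method-level authorization annotation, rather than hand-writing it in each handler, is what keeps the next endpoint from shipping without it. The hardened handler answers 403 rather than redirecting, so the curl probe from the detection answer can tell "refused" from "deleted" by status code alone.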


How can this vulnerability impact me?

This vulnerability can have severe impacts including unauthorized account creation, modification, and deletion within the system.

  • Any authenticated user can create new accounts, potentially adding backdoor users.
  • Users can arbitrarily modify other users' data, compromising data integrity.
  • Users can delete legitimate accounts, including administrative users, leading to denial of service or privilege escalation.

Overall, this leads to compromised confidentiality, integrity, and availability of the system. [1, 2, 3]

