CVE-2026-2105
Improper Authorization in Yeqifu Department Management (Remote Exploit
Publication date: 2026-02-07
Last updated on: 2026-04-29
Assigner: VulDB
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| yeqifu | warehouse | up to 2025-10-06 (inclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
| CWE-285 | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-2105 is an improper authorization vulnerability in the yeqifu warehouse project, specifically in the Department Management component. The flaw exists in the addDept, updateDept, and deleteDept functions of the DeptController.java file. These functions lack proper authorization checks, allowing any authenticated user to remotely create, update, or delete department records without the necessary permissions.
This means that unauthorized users can manipulate the organizational structure, including user groupings and reporting lines, by exploiting this vulnerability.
How can this vulnerability impact me?
The vulnerability allows unauthorized users to modify department data remotely, which can lead to improper access control configurations. This manipulation can affect confidentiality, integrity, and availability of organizational data.
- Unauthorized creation, update, or deletion of department records.
- Alteration of user groupings and reporting lines.
- Potential disruption of access controls that depend on department configurations.
Such impacts can compromise the security and proper functioning of the affected system.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to access the Department Management endpoints without proper authorization and observing whether unauthorized modifications are possible.
Specifically, sending POST requests to the endpoints addDept, updateDept, or deleteDept in the DeptController.java component can reveal the flaw.
For example, a low-privileged user can send a POST request to /dept/deleteDept with a department ID parameter to test whether deletion is allowed without proper rights. Note that a successful deleteDept request actually removes the record, so run this check against a test department or a non-production copy of the system.
- `curl -X POST https://[target]/dept/deleteDept -d "id=[department_id]"`
- `curl -X POST https://[target]/dept/addDept -d "[department_data]"`
- `curl -X POST https://[target]/dept/updateDept -d "id=[department_id]&[updated_data]"`
If these commands succeed without proper authorization checks, it indicates the presence of the vulnerability. [3]
What immediate steps should I take to mitigate this vulnerability?
Currently, there are no known patches or countermeasures provided by the project maintainers.
Immediate mitigation steps include restricting access to the Department Management endpoints to trusted users only, for example by network segmentation or firewall rules.
Consider disabling or removing the affected Department Management functionality if possible until a fix is available.
Alternatively, replace the affected component or product with a secure version or different solution that enforces proper authorization.
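As an added illustration (not code from the yeqifu warehouse project, whose web framework this page does not name), the following plain-Java stand-in for DeptController shows the unchecked deletion the advisory describes beside the hardened form, in which addDept, updateDept and deleteDept all pass through one server-side role check before touching any state. The User record, the Forbidden exception, the ROLE_ADMIN role name and the sample department data are assumptions of the example.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

// Illustration added to this advisory, not code from the yeqifu warehouse project:
// a plain-Java stand-in for DeptController that adds the missing authorization check.
public class DeptAuthzExample {
    // Assumed caller model: user name plus granted roles (constructed for the example).
    record User(String name, Set<String> roles) {}
    static class Forbidden extends RuntimeException { Forbidden(String m) { super(m); } }
    // Department store, id -> name (constructed sample data).
    final Map<Integer, String> depts = new HashMap<>(Map.of(1, "Warehouse", 2, "Sales"));

    // One server-side choke point that every mutating department action must pass.
    static void requireRole(User user, String role) {
        if (user == null || !user.roles().contains(role)) {
            throw new Forbidden((user == null ? "anonymous" : user.name()) + " lacks " + role);
        }
    }

    // The pattern the advisory describes: any authenticated caller can delete a department.
    public void deleteDeptUnchecked(User caller, int id) { depts.remove(id); }

    // Hardened form: the role check runs before any state change, in all three actions.
    public void deleteDept(User caller, int id) {
        requireRole(caller, "ROLE_ADMIN");
        depts.remove(id);
    }
    public void addDept(User caller, int id, String name) {
        requireRole(caller, "ROLE_ADMIN");
        depts.put(id, name);
    }
    public void updateDept(User caller, int id, String name) {
        requireRole(caller, "ROLE_ADMIN");
        if (!depts.containsKey(id)) throw new IllegalArgumentException("no such dept " + id);
        depts.put(id, name);
    }

    public static void main(String[] args) {
        DeptAuthzExample ctrl = new DeptAuthzExample();
        User clerk = new User("clerk", Set.of("ROLE_USER"));
        User admin = new User("admin", Set.of("ROLE_ADMIN"));
        ctrl.deleteDeptUnchecked(clerk, 2);   // succeeds for a low-privileged user: this is the flaw
        System.out.println("after unchecked delete: " + ctrl.depts);
        try { ctrl.deleteDept(clerk, 1); } catch (Forbidden e) { System.out.println("rejected: " + e.getMessage()); }
        ctrl.addDept(admin, 3, "Logistics"); // allowed, because the caller holds ROLE_ADMIN
        System.out.println("after admin add: " + ctrl.depts);
    }
}
```

Run it with `java DeptAuthzExample.java` (Java 16 or later, for the record type); in a Spring Security application the same per-method check is what a `@PreAuthorize` rule on the controller method provides.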