CVE-2026-29909
Received Received - Intake
Unauthenticated Directory Enumeration in MRCMS File Management Module

Publication date: 2026-03-30

Last updated on: 2026-04-02

Assigner: MITRE

Description
MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/file/list.do endpoint lacks authentication controls and proper input validation, allowing remote attackers to enumerate directory contents on the server without any credentials.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-30
Last Modified
2026-04-02
Generated
2026-06-16
AI Q&A
2026-03-30
EPSS Evaluated
2026-06-15
NVD
CVE-2026-29909
EUVD
EUVD-2026-17129
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
mrcms mrcms 3.1.2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-425 The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-29909 is an unauthenticated directory enumeration vulnerability in MRCMS version 3.1.2. It exists in the file management module at the endpoint /admin/file/list.do, which lacks authentication controls and proper input validation. This allows remote attackers to enumerate the contents of directories on the server without needing any credentials.

Attackers can exploit this by sending specially crafted requests with directory traversal parameters to access restricted directories and files on the server.

Compliance Impact

The vulnerability allows unauthenticated remote attackers to enumerate directory contents on the server, potentially exposing sensitive server directory structures and configuration files.

Exposure of sensitive information through directory enumeration can lead to violations of data protection standards and regulations such as GDPR and HIPAA, which require strict controls on access to personal and sensitive data.

By lacking authentication controls and proper input validation, this vulnerability undermines the confidentiality and integrity requirements mandated by these regulations.

Impact Analysis

This vulnerability can allow attackers to access sensitive server directory structures and configuration files without authentication. Such unauthorized access can lead to information disclosure, which may be leveraged for further attacks or exploitation of the system.

Detection Guidance

This vulnerability can be detected by sending unauthenticated HTTP GET requests to the vulnerable endpoint `/admin/file/list.do` with a `path` parameter that attempts directory traversal to enumerate server directories.

A typical command to test this would be using curl to send a request like:

  • curl -v "http://<target-server>/admin/file/list.do?path=../../../src/main/resources/"

If the server responds with directory contents without requiring authentication, it confirms the presence of the vulnerability.

Mitigation Strategies

Immediate mitigation steps include restricting access to the `/admin/file/list.do` endpoint by enforcing proper authentication and authorization controls.

Additionally, input validation should be implemented on the `path` parameter to prevent directory traversal attacks.

If possible, temporarily block or restrict access to this endpoint at the network level until a patch or update is applied.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-29909. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart