CVE-2026-40043
Received Received - Intake
Authentication Bypass in Pachno 1.0.6 Enables Privilege Escalation

Publication date: 2026-04-13

Last updated on: 2026-04-13

Assigner: VulnCheck

Description
Pachno 1.0.6 contains an authentication bypass vulnerability in the runSwitchUser() action that allows authenticated low-privilege users to escalate privileges by manipulating the original_username cookie. Attackers can set the client-controlled original_username cookie to any value and request a switch to user ID 1 to obtain session tokens or password hashes belonging to administrator accounts.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-13
Last Modified
2026-04-13
Generated
2026-06-16
AI Q&A
2026-04-14
EPSS Evaluated
2026-06-15
NVD
CVE-2026-40043
EUVD
EUVD-2026-22051
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
pachno pachno 1.0.6
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-639 The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability allows low-privilege authenticated users to escalate their privileges and obtain session tokens or password hashes of administrator accounts. This unauthorized access to sensitive authentication credentials could lead to data breaches or unauthorized data access.

Such unauthorized access and potential data exposure may impact compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and proper access controls to prevent unauthorized disclosure.

Impact Analysis

This vulnerability can allow an attacker with low privileges to escalate their access to administrator-level accounts.

By obtaining session tokens or password hashes of administrator accounts, the attacker can potentially take full control of the affected system.

The exploit can be executed remotely, requires no user interaction, and has low attack complexity, increasing the risk of compromise.

Executive Summary

CVE-2026-40043 is an authentication bypass vulnerability in Pachno version 1.0.6, specifically in the runSwitchUser() function.

This vulnerability allows authenticated low-privilege users to escalate their privileges by manipulating a client-controlled cookie named original_username.

By setting this cookie to any value and requesting a switch to user ID 1, an attacker can obtain session tokens or password hashes belonging to administrator accounts.

Detection Guidance

Detection of this vulnerability involves monitoring for unusual manipulation of the original_username cookie in HTTP requests to the Pachno 1.0.6 application.

You can inspect HTTP traffic for requests where the original_username cookie is set to arbitrary values, especially attempts to switch to user ID 1.

Suggested commands include using network traffic analysis tools such as:

  • Using tcpdump or tshark to capture HTTP traffic and filter for requests containing the original_username cookie.
  • Example tshark command: tshark -Y 'http.cookie contains "original_username"' -T fields -e http.host -e http.cookie
  • Using curl or similar tools to manually test the vulnerability by setting the original_username cookie to arbitrary values and observing the response.
Mitigation Strategies

Immediate mitigation steps include restricting access to the Pachno 1.0.6 application to trusted users only and monitoring for suspicious activity involving the original_username cookie.

Applying patches or updates from the vendor that address the authentication bypass vulnerability is critical once available.

As a temporary workaround, consider implementing additional server-side validation of the original_username cookie to prevent unauthorized privilege escalation.

Also, review and tighten session management and cookie handling policies to reduce the risk of cookie manipulation.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-40043. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart