CVE-2026-31070
Unauthenticated Privilege Escalation in LalanaChami Pharmacy Management System
Publication date: 2026-05-19
Last updated on: 2026-05-20
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| lalana_chami | pharmacy_management_system | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-269 | The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in the LalanaChami Pharmacy Management System allows unauthenticated remote attackers to escalate their privileges by assigning themselves an administrative role during the user registration process.
This happens because the /api/user/signup endpoint does not properly validate the role parameter in the request body, enabling attackers to specify an administrative role without authorization.
How can this vulnerability impact me? :
This vulnerability can have serious impacts as it allows attackers to gain administrative privileges without authentication.
- Attackers with administrative access can manipulate sensitive data, alter system configurations, and potentially disrupt pharmacy management operations.
- It can lead to unauthorized access to patient information, prescription data, and other confidential records.
- Such unauthorized control can result in data breaches, loss of data integrity, and compromise of the overall system security.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows unauthenticated remote attackers to escalate privileges by self-assigning an administrative role during registration. This unauthorized privilege escalation can lead to unauthorized access to sensitive data and administrative functions.
Such unauthorized access and privilege escalation can compromise the confidentiality, integrity, and availability of personal and sensitive information managed by the LalanaChami Pharmacy Management System.
Therefore, this vulnerability may lead to non-compliance with common standards and regulations like GDPR and HIPAA, which require strict access controls and protection of personal health information.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring requests to the /api/user/signup endpoint and checking if the role parameter is being set to an administrative role during user registration without proper authentication.
You can use network traffic inspection tools or web server logs to identify such requests.
- Use curl or similar tools to test the signup endpoint by sending a POST request with a role parameter set to 'admin' and observe if the system allows privilege escalation.
- Example curl command to test the vulnerability: curl -X POST https://<target>/api/user/signup -H "Content-Type: application/json" -d '{"username":"testuser","password":"testpass","role":"admin"}'
- Check web server logs for suspicious signup requests containing the role parameter set to administrative roles.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing proper validation on the /api/user/signup endpoint to ensure that the role parameter cannot be set by unauthenticated users.
Restrict the ability to assign administrative roles only to authorized and authenticated users.
As a temporary measure, consider disabling the role parameter in the signup API or removing the ability for users to self-assign roles during registration.
Monitor and audit user registrations for any unauthorized privilege escalations.