CVE-2026-57518
Status: Deferred - Pending Action
Privilege Escalation in Pagekit CMS Leading to RCE

Publication date: 2026-06-26

Last updated on: 2026-06-26

Assigner: VulnCheck

Description
Pagekit CMS 1.0.18 contains a privilege escalation vulnerability that allows authenticated users with the 'user: manage users' permission to escalate privileges by assigning arbitrary custom roles to themselves due to missing authorization checks in UserApiController::saveAction(). Attackers can assign themselves a custom role with the 'system: manage packages' permission and then upload and install a malicious PHP package through the admin package installer to achieve remote code execution.
Affected Vendors & Products
Vendor: pagekit
Product: cms
Version / Range: up to 1.0.19 (exclusive), i.e. 1.0.18 and earlier
CWE
CWE ID: CWE-862 (Missing Authorization)
Description: The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Compliance Impact

CVE-2026-57518 allows privilege escalation leading to remote code execution on Pagekit CMS installations. This can result in unauthorized access and control over the system, potentially exposing sensitive data or disrupting services.

Such unauthorized access and potential data breaches can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require strict controls over user permissions, data protection, and system integrity.

Specifically, the vulnerability enables attackers to escalate privileges and execute arbitrary code, which could lead to exposure or manipulation of personal or protected health information, violating confidentiality and integrity requirements mandated by these regulations.

Furthermore, since the Pagekit CMS project is no longer maintained and no official patches are available, affected organizations may face challenges in mitigating the risk, thereby increasing their compliance risk.

Executive Summary

CVE-2026-57518 is a privilege escalation vulnerability in Pagekit CMS version 1.0.18 and earlier. It occurs because the UserApiController::saveAction() function lacks proper authorization checks, allowing authenticated users with the 'user: manage users' permission to assign themselves arbitrary custom roles.

Attackers can exploit this flaw to assign themselves a custom role that includes the 'system: manage packages' permission. This elevated permission enables them to upload and install malicious PHP packages through the admin package installer, ultimately leading to remote code execution on the server.
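The authorization gap described above, modelled in Python as an added illustration (this is not Pagekit's code: UserApiController::saveAction() is a PHP controller whose internals are not reproduced on this page). `save_user_vulnerable` reproduces the behaviour the advisory describes: it verifies only that the caller holds 'user: manage users' and then stores whatever role list the request carries, so a user-manager can hand their own account a role that grants 'system: manage packages'. `save_user_hardened` adds the check that was missing: a non-administrator may not grant any role carrying a permission they do not already hold, and may never grant the administrator role. The role ids, the built-in administrator role id 3 and the sample users are constructed assumptions.

```python
"""Model of the authorization gap behind CVE-2026-57518 and of the missing check.

Added illustration, not Pagekit code: the two handlers below are simplified
stand-ins for a "save user" endpoint such as UserApiController::saveAction().
Role ids, the built-in administrator role id (3) and the sample users are
constructed assumptions.
"""
from copy import deepcopy

MANAGE_USERS = "user: manage users"
MANAGE_PACKAGES = "system: manage packages"
ADMIN_ROLE_ID = 3  # assumption: Pagekit's built-in administrator role

# Constructed sample data: role id -> permissions it grants.
ROLES = {
    1: set(),                                          # anonymous
    2: set(),                                          # authenticated
    3: set(),                                          # administrator (implies everything)
    4: {"user: access admin area", MANAGE_USERS},      # custom "User Manager" role
    6: {"user: access admin area", MANAGE_PACKAGES},   # custom role that unlocks the package installer
}

# Constructed sample users: username -> set of role ids currently held.
USERS = {"admin": {2, 3}, "alice": {2, 4}, "bob": {2}}


class Forbidden(Exception):
    """Raised when the acting user is not authorized to make the requested change."""


def fresh_users():
    """A private copy of the sample users so each run starts from the same state."""
    return deepcopy(USERS)


def is_admin(role_ids):
    return ADMIN_ROLE_ID in role_ids


def permissions_of(role_ids):
    """Union of the permissions granted by a set of role ids."""
    return set().union(*(ROLES.get(r, set()) for r in role_ids))


def require_user_manager(actor_roles):
    if not (is_admin(actor_roles) or MANAGE_USERS in permissions_of(actor_roles)):
        raise Forbidden("'user: manage users' required")


def save_user_vulnerable(users, actor, target, new_roles):
    """CWE-862 pattern: checks only that the actor may manage users, then stores
    the role list from the request verbatim, the actor's own account included."""
    require_user_manager(users[actor])
    users[target] = set(new_roles)
    return users[target]


def save_user_hardened(users, actor, target, new_roles):
    """Same entry point with the missing check: a non-administrator may not grant
    a role (to anyone, including themselves) carrying a permission the actor
    does not already hold, and may never grant the administrator role."""
    actor_roles = users[actor]
    require_user_manager(actor_roles)
    new_roles = set(new_roles)
    if not is_admin(actor_roles):
        if is_admin(new_roles):
            raise Forbidden("only administrators may grant the administrator role")
        unknown = new_roles - set(ROLES)
        if unknown:
            raise Forbidden(f"unknown roles: {sorted(unknown)}")
        gained = permissions_of(new_roles) - permissions_of(actor_roles)
        if gained:
            raise Forbidden(f"cannot grant permissions the actor lacks: {sorted(gained)}")
    users[target] = new_roles
    return users[target]


def attempt(handler, users, actor, target, new_roles):
    """Run a handler; True if it stored the change, False if it refused."""
    try:
        handler(users, actor, target, new_roles)
        return True
    except Forbidden:
        return False


def demo():
    """Replay the advisory's first step (user-manager alice grants herself role 6)
    against both handlers; returns whether alice ends up with the package
    permission under (vulnerable, hardened)."""
    outcome = []
    for handler in (save_user_vulnerable, save_user_hardened):
        users = fresh_users()
        attempt(handler, users, "alice", "alice", {2, 4, 6})
        outcome.append(MANAGE_PACKAGES in permissions_of(users["alice"]))
    return tuple(outcome)


if __name__ == "__main__":
    print("alice gains 'system: manage packages' (vulnerable, hardened):", demo())
```

The hardened rule ("you cannot grant what you do not hold") is the minimal fix that keeps delegated user management working; a stricter policy that lets only administrators change role membership at all is equally valid and is the operational equivalent of restricting 'user: manage users' to trusted administrators.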

Impact Analysis

This vulnerability can have severe impacts, including full server compromise. An attacker whose account holds only the 'user: manage users' permission can escalate privileges by assigning themselves roles with elevated permissions.

Once escalated, the attacker can upload a malicious PHP package via the package installer, which can contain a webshell or other malicious code, allowing them to execute arbitrary commands on the server.

This leads to remote code execution, potentially compromising the entire system, stealing data, or disrupting services.

Detection Guidance

Exploitation can be detected by checking whether any user who holds the 'user: manage users' permission also holds a custom role that grants elevated permissions such as 'system: manage packages', particularly where no administrator granted that role.

Since exploitation consists of a role change followed by a package installation, monitoring the Pagekit admin interface for unexpected role changes or package uploads is recommended.

The referenced resources do not provide specific commands; in practice, detection means reviewing the user and role tables in the Pagekit database (or any available logs) for suspicious role changes, and checking the packages directory for recently added packages or PHP files.
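An audit script that implements the database review above, added here as an example and not taken from the advisory or from Pagekit. It assumes Pagekit's default table layout: users in pk_system_user with a comma-separated `roles` column of role ids, roles in pk_system_role with a comma-separated `permissions` column, and ids 1-3 for the built-in anonymous/authenticated/administrator roles, with administrator implying every permission. The rows are constructed sample data in which one user (bob) matches the escalation pattern exactly; to audit a real site, replace `build_sample_db()` with a connection to the site's database.

```python
"""Audit Pagekit's user and role tables for the CVE-2026-57518 escalation pattern.

Assumptions (this is an added example, not Pagekit code or the advisory's):
  * users are in pk_system_user, with `roles` a comma-separated list of role ids
    (Pagekit's simple_array column type, default `pk_` table prefix);
  * roles are in pk_system_role, with `permissions` a comma-separated list of
    permission names;
  * ids 1-3 are the built-in anonymous/authenticated/administrator roles and
    administrator implies every permission, so admins are not findings.
The SQLite database below is built in memory from constructed rows; replace
build_sample_db() with a connection to the real site database to audit a site.
"""
import sqlite3
from dataclasses import dataclass

MANAGE_USERS = "user: manage users"
MANAGE_PACKAGES = "system: manage packages"
ADMIN_ROLE_ID = 3
BUILTIN_ROLE_IDS = {1, 2, 3}

SCHEMA = """
CREATE TABLE pk_system_role (id INTEGER PRIMARY KEY, name TEXT, permissions TEXT);
CREATE TABLE pk_system_user (id INTEGER PRIMARY KEY, username TEXT, roles TEXT);
"""

# Constructed sample rows: bob is a user-manager who now also holds a custom
# role granting the package permission, which is exactly the advisory's pattern.
SAMPLE_ROWS = """
INSERT INTO pk_system_role VALUES (1, 'Anonymous', '');
INSERT INTO pk_system_role VALUES (2, 'Authenticated', '');
INSERT INTO pk_system_role VALUES (3, 'Administrator', '');
INSERT INTO pk_system_role VALUES (4, 'User Manager', 'user: access admin area,user: manage users');
INSERT INTO pk_system_role VALUES (5, 'Editor', 'user: access admin area,site: manage pages');
INSERT INTO pk_system_role VALUES (6, 'Packager', 'user: access admin area,system: manage packages');
INSERT INTO pk_system_user VALUES (1, 'admin', '2,3');
INSERT INTO pk_system_user VALUES (2, 'alice', '2,4');
INSERT INTO pk_system_user VALUES (3, 'bob', '2,4,6');
INSERT INTO pk_system_user VALUES (4, 'carol', '2,5');
"""


@dataclass
class Finding:
    user_id: int
    username: str
    via_roles: list           # custom role names that grant the package permission
    holds_manage_users: bool  # True when the user also has the advisory's precondition


def split_list(value):
    """Decode a simple_array column ('a,b,c') into a set of non-empty strings."""
    return {item.strip() for item in (value or "").split(",") if item.strip()}


def build_sample_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA + SAMPLE_ROWS)
    return conn


def load_roles(conn):
    """role id -> (name, set of permissions)."""
    return {
        rid: (name, split_list(perms))
        for rid, name, perms in conn.execute("SELECT id, name, permissions FROM pk_system_role")
    }


def custom_roles_granting(roles, permission):
    """Ids of non-built-in roles whose permission list contains `permission`."""
    return {rid for rid, (_, perms) in roles.items()
            if rid not in BUILTIN_ROLE_IDS and permission in perms}


def audit(conn):
    """Return (findings, names of custom roles that grant MANAGE_PACKAGES)."""
    roles = load_roles(conn)
    risky_roles = custom_roles_granting(roles, MANAGE_PACKAGES)
    findings = []
    for uid, username, role_list in conn.execute(
            "SELECT id, username, roles FROM pk_system_user ORDER BY id"):
        held = {int(r) for r in split_list(role_list)}
        if ADMIN_ROLE_ID in held:
            continue  # administrators legitimately hold every permission
        hit = held & risky_roles
        if not hit:
            continue
        effective = set().union(*(roles[r][1] for r in held if r in roles))
        findings.append(Finding(uid, username,
                                sorted(roles[r][0] for r in hit),
                                MANAGE_USERS in effective))
    return findings, sorted(roles[r][0] for r in risky_roles)


if __name__ == "__main__":
    found, risky = audit(build_sample_db())
    print("custom roles granting", MANAGE_PACKAGES, "->", risky)
    for f in found:
        tag = "MATCHES ADVISORY PATTERN" if f.holds_manage_users else "review"
        print(f"user {f.user_id} {f.username!r} holds {f.via_roles} [{tag}]")
```

Every custom role that grants 'system: manage packages' is reported even when nobody holds it yet, because an attacker who creates such a role is one request away from assigning it; a finding whose `holds_manage_users` flag is set is the full pattern the advisory describes and should be treated as a likely compromise until the package directory has been reviewed.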

Mitigation Strategies

Immediate mitigation steps include restricting the 'user: manage users' permission to fully trusted administrators only, preventing untrusted users from assigning themselves elevated custom roles.

Since the Pagekit CMS project is no longer maintained and no official patches are available, consider migrating to a maintained CMS to avoid this and other vulnerabilities.
