CVE-2026-41878
Received Received - Intake

Insecure Direct Object Reference in R-SOFT DMS File Download

Vulnerability report for CVE-2026-41878, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-10

Last updated on: 2026-07-10

Assigner: CERT.PL

Description

R-SOFT DMS is vulnerable to Insecure Direct Object Reference (IDOR) attack in multiple file download endpoints. The application fetches files from the database by ID and serves them to whoever requests them, relying only on session authentication, meaning any valid user can access any file. This issue was fixed in version v3.19-2862 and v3.17-2580.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-10
Last Modified
2026-07-10
Generated
2026-07-10
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
r-soft dms 3.19-2862
r-soft dms 3.17-2580

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-639 The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

The vulnerability in R-SOFT DMS is an Insecure Direct Object Reference (IDOR) attack affecting multiple file download endpoints. The application retrieves files from the database based on an ID and serves them to any requester who is authenticated in the session. However, it does not verify whether the requesting user is authorized to access the specific file, allowing any valid user to access any file.

Impact Analysis

This vulnerability can lead to unauthorized access to sensitive files by any authenticated user. Since the application does not restrict file access based on user permissions, confidential or private data could be exposed to users who should not have access, potentially leading to data breaches or information leakage.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade R-SOFT DMS to version v3.19-2862 or v3.17-2580, where the issue has been fixed.

Compliance Impact

The vulnerability in R-SOFT DMS allows any valid user to access any file by exploiting an Insecure Direct Object Reference (IDOR) in multiple file download endpoints. This means unauthorized access to sensitive files is possible, which can lead to data breaches.

Such unauthorized access to files can impact compliance with data protection regulations like GDPR and HIPAA, which require strict controls on access to personal and sensitive data to prevent unauthorized disclosure.

Therefore, this vulnerability could lead to violations of these standards by failing to adequately protect sensitive information from unauthorized access.

Detection Guidance

The vulnerability in R-SOFT DMS is an Insecure Direct Object Reference (IDOR) in multiple file download endpoints, where files are served based solely on file IDs and session authentication. Detection involves verifying if unauthorized users can access files by manipulating file ID parameters in requests.

To detect this vulnerability on your system or network, you can attempt to access files by changing the file ID parameter in the download URLs while authenticated as a valid user. If you can access files that should not be accessible to your user, the system is vulnerable.

Suggested commands include using tools like curl or wget to test file access by modifying file ID parameters. For example:

  • curl -b cookies.txt "https://target-domain/download?file_id=123" -o file123
  • curl -b cookies.txt "https://target-domain/download?file_id=124" -o file124

Here, cookies.txt contains valid session cookies. By changing the file_id parameter to IDs of files you should not have access to, you can check if unauthorized file downloads are possible.

Additionally, monitoring logs for unusual file access patterns or requests with manipulated file IDs can help detect exploitation attempts.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-41878. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart