Platform: java
Component: public_exp
Fixed in: 5.0.1, 5.1.1, 5.2.1, 5.3.1, 5.4.1, 5.5.1
A server-side request forgery (SSRF) vulnerability has been discovered in mingSoft MCMS versions 5.0 to 5.5.0. This flaw resides within the catchImage function of the net/mingsoft/cms/action/BaseAction.java file, specifically within the Editor Endpoint. Successful exploitation allows an attacker to manipulate the application into making requests to arbitrary internal or external resources, potentially leading to sensitive data exposure or further system compromise.
The SSRF vulnerability in mingSoft MCMS presents a significant risk. An attacker can leverage this flaw to make the application initiate requests to internal services that are not directly accessible from the outside world. This could involve accessing sensitive configuration files, interacting with internal APIs, or even attempting to scan the internal network for other vulnerable systems. The availability of a public exploit dramatically increases the likelihood of exploitation, and the potential for widespread attacks targeting MCMS deployments is high. The blast radius extends beyond simple data exposure; an attacker could potentially use the SSRF to pivot and gain access to other systems within the internal network, depending on the permissions and access granted to the MCMS application.
This vulnerability is considered actively exploitable due to the public availability of a proof-of-concept. It has not been added to the CISA KEV catalog as of this writing. The public disclosure date (2026-03-27) indicates a relatively recent discovery, and the availability of a PoC suggests that attackers are actively seeking to exploit this flaw. Monitor security advisories and threat intelligence feeds for any reports of active campaigns targeting mingSoft MCMS.
Organizations using mingSoft MCMS versions 5.0 through 5.5.0 are at risk, particularly those with internal services accessible through the Editor Endpoint. Shared hosting environments utilizing MCMS are also at increased risk due to the potential for cross-tenant exploitation.
• java / server:
grep -r 'net/mingsoft/cms/action/BaseAction.java' /path/to/mcms/source
grep -r 'catchImage' /path/to/mcms/logs
• generic web:
curl -I 'http://your-mcms-server/editor/baseAction.action?catchimage=http://internal-service'
Disclosure
Exploit status
EPSS: 0.05% (16th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-4953 is to upgrade to a patched version of mingSoft MCMS. Unfortunately, the specific fixed version is not provided. Until a patch is available, implement temporary workarounds to reduce the attack surface. Restrict network access to the MCMS server, limiting outbound connections to only necessary services. Implement strict input validation on the catchimage parameter, rejecting any requests with suspicious or unexpected values. Consider deploying a Web Application Firewall (WAF) with rules to detect and block SSRF attempts targeting the Editor Endpoint. Monitor access logs for unusual outbound requests originating from the MCMS server.
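As an added example that is not part of this advisory or of mingSoft MCMS's code, the following Python check shows the kind of input validation the paragraph describes for a user-supplied URL such as the catchimage parameter: it allowlists scheme and port, rejects embedded credentials, resolves the host and refuses any address that is not globally routable (loopback, RFC 1918, link-local including the 169.254.169.254 metadata range, IPv6 ULA and IPv4-mapped forms). The hostnames and addresses in DEMO_DNS are constructed for offline demonstration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}


def default_resolver(host):
    """Resolve host to every A/AAAA address it maps to (real DNS lookup)."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def is_forbidden_address(addr_text):
    """True for anything not globally routable: loopback, RFC 1918, link-local
    (covers 169.254.169.254), IPv6 ULA, documentation/reserved ranges."""
    try:
        addr = ipaddress.ip_address(addr_text)
    except ValueError:
        return True  # not even an address: fail closed
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped  # ::ffff:10.0.0.1 is really 10.0.0.1
    return not addr.is_global


def check_catchimage_url(url, resolver=default_resolver):
    """Return (ok, reason). Every resolved address must be globally routable."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    if not parts.hostname:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials in URL"
    try:
        port = parts.port or (443 if parts.scheme == "https" else 80)
    except ValueError:
        return False, "bad port"
    if port not in ALLOWED_PORTS:
        return False, "port not allowed"
    try:
        addrs = resolver(parts.hostname)
    except OSError:
        return False, "unresolvable host"
    for a in addrs:
        if is_forbidden_address(a):
            return False, f"resolves to non-public address {a}"
    return True, "ok"


# Constructed DNS table for offline demonstration (hypothetical hostnames).
DEMO_DNS = {
    "img.example.com": {"8.8.8.8"},               # arbitrary public address
    "metadata.example.com": {"169.254.169.254"},  # cloud metadata endpoint
}


def demo_resolver(host):
    """Literal IPs resolve to themselves; names come from DEMO_DNS only."""
    try:
        return {str(ipaddress.ip_address(host))}
    except ValueError:
        if host in DEMO_DNS:
            return DEMO_DNS[host]
        raise OSError("no such host")
```

Because the actual fetch resolves the name a second time, connect to the validated address rather than the hostname (or re-check at connect time) so a DNS rebinding cannot bypass the check. Redirects returned by the fetched server need the same check before they are followed.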
Update mingSoft MCMS to a version later than 5.5.0. This fixes the server-side request forgery (SSRF) vulnerability in the Component Editor Endpoint.
CVE-2026-4953 is a server-side request forgery vulnerability in mingSoft MCMS versions 5.0 to 5.5.0, allowing attackers to manipulate internal requests.
You are affected if you are using mingSoft MCMS versions 5.0 through 5.5.0 and have not upgraded to a patched version.
Upgrade to a patched version of mingSoft MCMS. Until a patch is available, implement input validation and WAF rules to mitigate the risk.
Due to the public availability of an exploit, CVE-2026-4953 is likely being actively exploited or targeted by attackers.
Refer to the mingSoft MCMS official website or security advisories for the latest information and updates regarding CVE-2026-4953.