Platform: php
Component: wimi-teamwork
Fixed in: 8.2.0
CVE-2026-35023 describes an insecure direct object reference (IDOR) vulnerability in Wimi Teamwork On-Premises. The flaw exists in the preview.php endpoint, which allows unauthorized access to image previews when the item_id parameter is manipulated. Successful exploitation could expose sensitive information from private or group conversations, impacting user privacy. The vulnerability affects versions 0.0.0 through 8.2.0, and a patch is available in version 8.2.0.
CVE-2026-35023 in Wimi Teamwork affects versions prior to 8.2.0. It is an Insecure Direct Object Reference (IDOR) vulnerability in the preview.php endpoint. Because the endpoint does not perform proper authorization checks, an attacker who manipulates the itemid parameter can access image previews belonging to other users' private or group conversations. The attacker can enumerate sequential itemid values to identify and retrieve these images, resulting in unauthorized disclosure of sensitive information. The risk is significant because it compromises the confidentiality of internal communications and can expose critical user data. The ease of exploitation, combined with the potential impact on privacy, makes this vulnerability a high priority for remediation.
An attacker could exploit this vulnerability by sending HTTP requests to the preview.php endpoint with different values of the itemid parameter. By iterating through a sequence of itemids, the attacker can discover which IDs correspond to other users' images. No prior authentication is required for these requests, which simplifies exploitation. The root cause is that the endpoint does not check the requested item_id against the identity of the user making the request; without that check, an attacker can access resources that do not belong to them, compromising the platform's security.
EPSS: 0.03% (8th percentile)
The solution to mitigate CVE-2026-35023 is to update Wimi Teamwork to version 8.2.0 or later. This version includes the fixes that implement proper authorization controls in the preview.php endpoint. Until the update is applied, restrict access to the preview.php endpoint from external networks and monitor server logs for suspicious activity. A robust patch management policy is crucial to ensure all Wimi Teamwork instances run the latest security versions. Additionally, review and strengthen access control policies so that sensitive data is only reachable by authorized users.
Update Wimi Teamwork On-Premises to version 8.2.0 or later to mitigate the IDOR vulnerability. This update implements the necessary authorization checks in the preview.php endpoint, preventing unauthorized access to images from private conversations.
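Because the mitigation above includes monitoring server logs, here is an added example (not part of this advisory and not Wimi's code) of a check a defender can run over web-server access logs: it flags a client that requests many distinct preview ids in a short window, including a run of consecutive ids, which is the enumeration pattern the advisory describes. The log lines are constructed; the preview.php path and the itemid / item_id spellings come from the advisory; the window and thresholds are assumptions.

```python
import re
from datetime import datetime
# Constructed sample lines in Apache-style log format (not real Wimi logs): one client
# walks itemid 1041..1045 within seconds, a second client fetches a single preview.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2026:10:00:01 +0000] "GET /preview.php?itemid=1041 HTTP/1.1" 200 5120
203.0.113.7 - - [10/Mar/2026:10:00:02 +0000] "GET /preview.php?itemid=1042 HTTP/1.1" 200 4870
203.0.113.7 - - [10/Mar/2026:10:00:02 +0000] "GET /preview.php?itemid=1043 HTTP/1.1" 200 6011
203.0.113.7 - - [10/Mar/2026:10:00:03 +0000] "GET /preview.php?itemid=1044 HTTP/1.1" 404 210
203.0.113.7 - - [10/Mar/2026:10:00:03 +0000] "GET /preview.php?itemid=1045 HTTP/1.1" 200 5330
198.51.100.2 - - [10/Mar/2026:10:00:05 +0000] "GET /preview.php?itemid=2200 HTTP/1.1" 200 7100
"""

# Client IP, timestamp and request path; the id is read from the query string and both
# spellings used in the advisory (itemid / item_id) are accepted.
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) ')
ITEM_RE = re.compile(r'^/preview\.php\?(?:.*&)?item_?id=(\d+)')

def parse_preview_requests(log_text):
    """Yield (ip, timestamp, itemid) per preview.php request; the HTTP status is
    ignored because probes of non-existent ids (404) are part of the same pattern."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        item = ITEM_RE.match(m.group('path')) if m else None
        if item:
            ts = datetime.strptime(m.group('ts'), '%d/%b/%Y:%H:%M:%S %z')
            yield m.group('ip'), ts, int(item.group(1))

def longest_consecutive_run(ids):
    """Length of the longest run of consecutive integers in ids (0 for empty input)."""
    best = run = 0
    prev = None
    for x in sorted(set(ids)):
        run = run + 1 if prev is not None and x == prev + 1 else 1
        best, prev = max(best, run), x
    return best

def find_enumeration(log_text, window_seconds=60, min_distinct=5, min_run=3):
    """Flag client IPs that fetch many distinct preview ids in a short window,
    including a run of consecutive ids (assumed thresholds; tune per deployment)."""
    by_ip = {}
    for ip, ts, item in parse_preview_requests(log_text):
        by_ip.setdefault(ip, []).append((ts, item))
    alerts = {}
    for ip, reqs in by_ip.items():
        reqs.sort()                     # oldest first, so each window starts at reqs[i]
        for i, (start, _) in enumerate(reqs):
            ids = {item for ts, item in reqs[i:] if (ts - start).total_seconds() <= window_seconds}
            run = longest_consecutive_run(ids)
            if len(ids) >= min_distinct and run >= min_run:
                alerts[ip] = {'distinct_ids': len(ids), 'longest_run': run}
                break
    return alerts
```

Run `find_enumeration(SAMPLE_LOG)` to see the probing client flagged while the single-request client is not; feed it a real access log (or a tail of one) to apply the same check in practice.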
An IDOR (Insecure Direct Object Reference) vulnerability occurs when a web application uses a user-supplied internal identifier to access an object without verifying that the requesting user is authorized to access it.
If you are using a version prior to 8.2.0, your installation is vulnerable. Update to the latest version to remediate the vulnerability.
Review server logs for suspicious activity. Consider performing a comprehensive security audit and notify affected users.
Restrict access to the preview.php endpoint from external networks and monitor server logs.
Consult the official Wimi Teamwork documentation or contact Wimi technical support.