CVE-2022-31886

MEDIUM

Marval MSM v14.19.0.12476 - Cross-Site Request Forgery via 2FA Disable Form

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-31886. PoCs published by Momen Eldawakhly.

AI-analyzed exploit summary This exploit demonstrates a Cross-Site Request Forgery (CSRF) vulnerability in Marval MSM v14.19.0.12476, allowing an attacker to disable two-factor authentication (2FA) via a crafted HTML form. The PoC submits a POST request to a specific endpoint with a pre-defined classPath and classMode parameter.

Description

Marval MSM v14.19.0.12476 is vulnerable to Cross Site Request Forgery (CSRF). An attacker can disable the 2FA by sending the user a malicious form.

Exploits (1)

exploitdb WORKING POC
by Momen Eldawakhly · textremotewindows
https://www.exploit-db.com/exploits/50957

This exploit demonstrates a Cross-Site Request Forgery (CSRF) vulnerability in Marval MSM v14.19.0.12476, allowing an attacker to disable two-factor authentication (2FA) via a crafted HTML form. The PoC submits a POST request to a specific endpoint with a pre-defined classPath and classMode parameter.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Marval MSM v14.19.0.12476
No auth needed
Prerequisites: Victim must visit the malicious HTML page · Target must be authenticated in the same browser session
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Product, Vendor Advisory x_refsource_misc
https://marvalglobal.com/
Exploit, Third Party Advisory x_refsource_misc
https://drive.google.com/drive/folders/1Zy5Oa-maLo0ACfLz90uvxqxwG18DwAZY

Scores

CVSS v3 6.5
EPSS 0.0169
EPSS Percentile 74.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE
CWE-352
Status published
Products (1)
marvalglobal/marval_msm 14.19.0.12476
Published Jun 28, 2022
Tracked Since Feb 18, 2026