Exploitation Summary
CVE-2026-28515 has been observed exploited in the wild (reported by VulnCheck KEV).
EIP tracks 1 public exploit, including a Metasploit module exploits/linux/http/opendcim_install_sqli_rce.
AI-analyzed exploit summary: This Metasploit module exploits a SQL injection vulnerability in openDCIM's install.php (CVE-2026-28515) to achieve remote code execution by poisoning the Graphviz dot binary path and triggering its execution via report_network_map.php.
Description
openDCIM version 23.04, through commit 4467e9c4, contains a missing authorization vulnerability in install.php and container-install.php. The installer and upgrade handler expose LDAP configuration functionality without enforcing application role checks. Any authenticated user can access this functionality regardless of assigned privileges. In deployments where REMOTE_USER is set without authentication enforcement, the endpoint may be accessible without credentials. This allows unauthorized modification of application configuration.
References (8)
Scores
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H