CVE-2026-28515

HIGH

openDCIM 23.04 - Privilege Escalation

Title source: llm

Description

openDCIM version 23.04, through commit 4467e9c4, contains a missing authorization vulnerability in install.php and container-install.php. The installer and upgrade handler expose LDAP configuration functionality without enforcing application role checks. Any authenticated user can access this functionality regardless of assigned privileges. In deployments where REMOTE_USER is set without authentication enforcement, the endpoint may be accessible without credentials. This allows unauthorized modification of application configuration.

Exploits (1)

metasploit WORKING POC EXCELLENT

rubypoclinux

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/opendcim_install_sqli_rce.rb

View Code ZIP pw:eip

References (8)

[Various Sources] https://chocapikk.com/posts/2026/opendcim-sqli-to-rce/

[Various Sources] https://github.com/Chocapikk/opendcim-exploit

View Writeup ZIP pw:eip

[Third Party Advisory] https://github.com/opendcim/openDCIM/blob/4467e9c4/container-install.php#L421-L435

[Third Party Advisory] https://github.com/opendcim/openDCIM/blob/4467e9c4/install.php#L293

[Third Party Advisory] https://github.com/opendcim/openDCIM/blob/4467e9c4/install.php#L420-L434

View Writeup ZIP pw:eip

[Issue Tracking] https://github.com/opendcim/openDCIM/pull/1664

[Issue Tracking] https://github.com/opendcim/openDCIM/pull/1664/changes/8f7ab2a710086a9c8c269560793e47c577ddda09

[Third Party Advisory] https://www.vulncheck.com/advisories/opendcim-missing-authorization-in-install-php

Scores

CVSS v3 8.8

EPSS 0.4106

EPSS Percentile 97.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-862

Status published

Products (1)

opendcim/opendcim 23.04

Published Feb 27, 2026

Tracked Since Feb 28, 2026