CVE-2026-28516

HIGH

openDCIM < 23.04 - Authenticated SQL Injection via Config::UpdateParameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-28516. Includes Metasploit module exploits/linux/http/opendcim_install_sqli_rce.

AI-analyzed exploit summary This Metasploit module exploits a SQL injection vulnerability in openDCIM's install.php (CVE-2026-28515) to achieve remote code execution by manipulating the Graphviz dot binary path and triggering an exec() call. It includes checks for vulnerability, backup/restore of configuration, and payload delivery.

Description

openDCIM version 23.04, through commit 4467e9c4, contains a SQL injection vulnerability in Config::UpdateParameter. The install.php and container-install.php handlers pass user-supplied input directly into SQL statements using string interpolation without prepared statements or proper input sanitation. An authenticated user can execute arbitrary SQL statements against the underlying database.

Exploits (1)

metasploit WORKING POC EXCELLENT

rubypoclinux

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/opendcim_install_sqli_rce.rb

View Code ZIP pw:eip

This Metasploit module exploits a SQL injection vulnerability in openDCIM's install.php (CVE-2026-28515) to achieve remote code execution by manipulating the Graphviz dot binary path and triggering an exec() call. It includes checks for vulnerability, backup/restore of configuration, and payload delivery.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: openDCIM 23.04 through 25.01

No auth needed

Prerequisites: Accessible install.php endpoint · Network access to the target

MITRE ATT&CK