CVE-2026-5147

HIGH

YunaiV yudao-cloud get-by-website sql injection

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-5147. PoCs published by lan1oc.

AI-analyzed exploit summary: This repository contains a functional Python script for exploiting CVE-2026-5147, a SQL injection vulnerability. The script supports both boolean-based and time-based blind SQL injection techniques, with features for calibration, schema extraction, and data dumping.

Description

A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This affects an unknown part of the file /admin-api/system/tenant/get-by-website. Manipulation of the argument Website results in SQL injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Exploits (1)

nomisec WORKING POC
by lan1oc · poc
https://github.com/lan1oc/cve-2026-5147-exp

Classification: Working PoC 95%
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: Unknown (SQL injection in a web application)
Authentication: No auth needed
Prerequisites: Target URL with vulnerable endpoint · Python environment with 'requests' library
devstral-2 · analyzed Apr 08, 2026

References (5)

Core References

VDB-354181 | YunaiV yudao-cloud get-by-website sql injection (VDB Entry, Technical Description)
https://vuldb.com/vuln/354181

VDB-354181 | CTI Indicators (IOB, IOC, TTP, IOA) (Signature, Permissions Required)
https://vuldb.com/vuln/354181/cti

Submit #780191 | YunaiV yudao-cloud <=v2026.01 SQL Injection (Third Party Advisory)
https://vuldb.com/submit/780191

Scores

CVSS v3: 7.3
EPSS: 0.0033
EPSS Percentile: 24.1%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: partial

Details

CWE: CWE-74, CWE-89
Status: published
Products (1): YunaiV/yudao-cloud 2026.01
Published: Mar 30, 2026
Tracked Since: Mar 31, 2026