What is CVE-2026-7043?

A medium-severity vulnerability has been identified in GreenCMS, affecting versions up to 2.3. This issue allows unrestricted file uploads and may pose significant risks to organizations using outdated versions. Immediate action is required to mitigate potential exploitation.

What is the severity of CVE-2026-7043?

CVE-2026-7043 has a severity rating of MEDIUM with a CVSS base score of 5.3.

CVE-2026-7043 | Medium Vulnerability in GreenCMS

A vulnerability has been found in GreenCMS up to 2.3. This impacts the function pluginAddLocal of the file /index.php?m=admin&c=custom&a=pluginadd. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

The CVSS score for this vulnerability is 5.3, classifying it as medium severity. Risk to organizations includes unauthorized file uploads that could lead to further exploitation or system compromise. Organizations should prioritize patching immediately.

Exploitation status indicates that while the vulnerability has been disclosed, there are currently no confirmed public exploits. However, the potential for exploitation exists, and organizations utilizing unsupported versions of GreenCMS are particularly at risk.

Organizations should consider immediate remediation efforts to secure their systems from this vulnerability and mitigate any associated risks.

Vulnerability Details

This vulnerability allows unrestricted file uploads in the GreenCMS application due to improper validation in the pluginAddLocal function. The manipulation of the affected file can lead to unauthorized access and potential exploitation of system resources.

The vulnerability is classified under CWE-284 (Improper Access Control) and CWE-434 (Unrestricted Upload of File with Dangerous Type), highlighting the flaws in access control mechanisms and file upload handling.

With a CVSS score of 5.3, this vulnerability poses a medium threat level, indicating that it could be exploited with low complexity and minimal privileges required.

Technical Analysis

The root cause of this vulnerability lies in the lack of proper validation of user inputs during the file upload process. This oversight can allow an attacker to upload malicious files, leading to potential system compromise.

The attack vector is classified as NETWORK, allowing remote attackers to exploit the vulnerability without needing physical access to the affected system. The attack complexity is low, meaning that attackers can easily initiate the attack.

No user interaction is required for exploitation, which increases the risk. The impact on confidentiality, integrity, and availability is considered low, but the potential consequences could still be severe if exploited.

Risk & Impact Analysis

Organizations using GreenCMS are at risk of unauthorized file uploads, which could lead to unauthorized access or further exploitation of the system. The blast radius includes all instances of the application that are running unsupported versions.

The urgency for remediation is classified as medium, given the potential for exploitation and the existence of a public exploit. Organizations should address this vulnerability in their priority patch cycle.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions of GreenCMS prior to 2.4 are affected. Organizations using these versions should take immediate action to mitigate risks associated with this vulnerability.

Mitigation & Remediation

Organizations should prioritize patching to the latest version of GreenCMS. If a patch is unavailable, they should consider implementing workarounds such as restricting file upload permissions and employing web application firewalls to filter malicious requests.

For further guidance on securing applications, organizations can access our application security assessment services.

Detection Guidance

Monitor logs for indicators of unauthorized file uploads and any anomalies in user behavior. Implement network signatures to detect unusual file upload patterns.

AppSecure Threat Intelligence Insight

This vulnerability highlights the importance of maintaining supported software versions to mitigate security risks. It also serves as a reminder for organizations to regularly audit their applications for vulnerabilities.

For insights on vulnerability management, organizations may benefit from our vulnerability management program design.

Additionally, understanding the implications of file upload vulnerabilities can be further explored in our file upload vulnerabilities prevention strategies guide.

Finally, regular assessments through penetration testing can help identify similar vulnerabilities before they can be exploited.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2026-7043: Medium Vulnerability in GreenCMS