Description
A security flaw has been discovered in kodcloud KodExplorer up to 4.52. Affected is the function initInstall of the file /app/controller/systemMember.class.php. Performing a manipulation of the argument path results in authorization bypass. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-04-19
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Authorization Bypass
Action: Update
AI Analysis

Impact

A flaw in the initInstall function of KodExplorer (in /app/controller/systemMember.class.php) allows an attacker to manipulate the path argument and bypass an authorization check. The attack can be initiated remotely. The published CVSS vectors, however, require high privileges (PR:H in v3.x and v4.0, Au:M in v2.0) and rate the impact as a limited loss of integrity only (I:P / I:L / VI:L, with no confidentiality or availability impact), so the realistic outcome is an already-privileged user invoking the installation routine in a way the application should have refused, which may lead to unauthorized configuration changes. The advisory gives no evidence of code execution. The weakness is rooted in improper validation of user-controlled input and is classified as CWE‑285 (Improper Authorization) and CWE‑639 (Authorization Bypass Through User‑Controlled Key).

Affected Systems

The issue affects all installations of kodcloud KodExplorer running version 4.52 or earlier. The vulnerability resides in /app/controller/systemMember.class.php within the initInstall method.

Risk and Exploitability

The CVSS v4.0 base score of 5.1 indicates medium severity; the v3.1 score for the same issue is 2.7 (Low), reflecting that exploitation requires high privileges (PR:H) and affects integrity only. Proof‑of‑concept exploit code has already been released to the public. The EPSS score is below 1% (very low). The public exploit and the vendor’s lack of response still argue for remediating promptly, but the high privilege requirement limits the population of attackers who can use it. This vulnerability is not listed in the CISA KEV catalog.

Generated by OpenCVE AI on April 19, 2026 at 13:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update KodExplorer as soon as kodcloud releases a version that fixes the initInstall authorization bypass; at the time of writing no vendor fix or workaround is listed, so check the vendor’s release notes and advisory pages for one.
  • Until a patch is available, reduce exposure of the initInstall route. Because the CVSS vectors already assume high privileges, limiting the route to authenticated administrators is only a partial mitigation; also review who holds administrative accounts, and restrict network access to the administrative interface where possible. Strict validation of the ‘path’ parameter against an allowlist of acceptable values is a code‑level fix that only the vendor can apply; a WAF rule on that parameter is at best an approximation.
  • Monitor application logs and network traffic for requests to the initInstall route, in particular any that carry a ‘path’ argument, and consider temporarily disabling the endpoint or placing it behind additional authentication or network segmentation until a vendor‑provided fix is applied.
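The monitoring step above can be scripted against web‑server access logs. The following is an added example written for this page; it is not OpenCVE’s or kodcloud’s code. It assumes KodExplorer dispatches controller/action from the query string, so the affected action is reached through a target such as /index.php?systemMember/initInstall&path=... (an assumption, since the advisory names only the file and function, not the URL), and it assumes Apache/Nginx “combined” log format. The log lines are constructed. It flags every request that reaches the initInstall route, records whether a ‘path’ argument was supplied, and adds a traversal heuristic that is likewise an assumption, because the advisory does not describe the payload.

```python
"""Flag access-log requests that reach KodExplorer's initInstall action.

Added example for this advisory page; not OpenCVE's or kodcloud's code.
Assumptions (not stated by the advisory):
  * KodExplorer dispatches "controller/action" from the query string, so the
    affected action is reached through a target such as
    /index.php?systemMember/initInstall&path=...
  * Logs are in Apache/Nginx "combined" format; the lines below are constructed.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Leading fields of a "combined" access-log line; referer/user-agent are ignored.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)
# Assumed route of the vulnerable action (see module docstring).
ROUTE_RE = re.compile(r'systemMember/initInstall', re.IGNORECASE)
# Heuristic only: the advisory does not describe the payload used against 'path'.
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$)')

# Constructed sample log: one benign file listing, two initInstall requests
# (the second with a URL-encoded route), one login.
SAMPLE_LOG = """\
203.0.113.7 - - [19/Apr/2026:11:02:13 +0000] "GET /index.php?explorer/pathList&path=/home/user/ HTTP/1.1" 200 5120
203.0.113.7 - - [19/Apr/2026:11:02:19 +0000] "GET /index.php?systemMember/initInstall&path=/data/ HTTP/1.1" 200 312
198.51.100.4 - - [19/Apr/2026:11:03:40 +0000] "GET /index.php?systemMember%2FinitInstall&path=..%2F..%2Fetc HTTP/1.1" 200 312
198.51.100.9 - - [19/Apr/2026:11:05:01 +0000] "POST /index.php?user/login HTTP/1.1" 302 0
"""


def parse_line(line):
    """Return the fields of one access-log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def inspect_request(target):
    """Return (hits_init_install, path_value) for a request target.

    The target is percent-decoded twice so an encoded slash in the route
    (%2F, or double-encoded %252F) is still recognised. Decoding before
    splitting the query means an encoded '&' inside 'path' would split it,
    which is acceptable for a detection that errs on the side of flagging.
    """
    decoded = unquote(unquote(target))
    hits = ROUTE_RE.search(decoded) is not None
    params = parse_qs(urlsplit(decoded).query, keep_blank_values=True)
    path_value = params.get('path', [None])[0]
    return hits, path_value


def find_suspicious(log_text):
    """Return one finding per request that reaches the initInstall action."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        hits, path_value = inspect_request(rec['target'])
        if not hits:
            continue
        reasons = ['initInstall route requested']
        if path_value is not None:
            reasons.append("'path' argument supplied")
            if TRAVERSAL_RE.search(path_value):
                reasons.append('traversal sequence in path')
        findings.append({
            'ip': rec['ip'], 'ts': rec['ts'], 'method': rec['method'],
            'status': rec['status'], 'path': path_value, 'reasons': reasons,
        })
    return findings


if __name__ == '__main__':
    for f in find_suspicious(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} {f['method']} status={f['status']} "
              f"path={f['path']!r}: {'; '.join(f['reasons'])}")
```

Run it against a real access log by replacing SAMPLE_LOG with the file contents; because the vector indicates the attacker already holds high privileges, the useful triage question is which administrative account or source address issued the initInstall request, not merely that one occurred.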

Generated by OpenCVE AI on April 19, 2026 at 13:21 UTC.

Advisories

No advisories yet.

History

Sun, 19 Apr 2026 11:30:00 +0000

Values added (no values removed):

Description: A security flaw has been discovered in kodcloud KodExplorer up to 4.52. Affected is the function initInstall of the file /app/controller/systemMember.class.php. Performing a manipulation of the argument path results in authorization bypass. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Title: kodcloud KodExplorer systemMember.class.php initInstall authorization
First Time appeared: Kodcloud; Kodcloud kodexplorer
Weaknesses: CWE-285, CWE-639
CPEs: cpe:2.3:a:kodcloud:kodexplorer:*:*:*:*:*:*:*:*
Vendors & Products: Kodcloud; Kodcloud kodexplorer
References: (none recorded)
Metrics:
  cvssV2_0: score 3.3, vector AV:N/AC:L/Au:M/C:N/I:P/A:N/E:POC/RL:ND/RC:UR
  cvssV3_0: score 2.7, vector CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
  cvssV3_1: score 2.7, vector CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
  cvssV4_0: score 5.1, vector CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-19T11:00:17.545Z

Reserved: 2026-04-18T19:06:59.838Z

Link: CVE-2026-6570

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-04-19T12:16:32.763

Modified: 2026-04-19T12:16:32.763

Link: CVE-2026-6570

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-19T13:30:27Z

Weaknesses