{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30404", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-24T01:10:21.428Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-03-19T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-19T15:48:52.924Z"}, "descriptions": [{"lang": "en", "value": "The backend database management connection test feature in wgcloud v3.6.3 has a server-side request forgery (SSRF) vulnerability. This issue can be exploited to make the server send requests to probe the internal network, remotely download malicious files, and perform other dangerous operations."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/tianshiyeben/wgcloud/issues/98"}, {"url": "https://github.com/TTTlw1024/qwe/issues/3"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-918", "lang": "en", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-24T01:08:24.998909Z", "id": "CVE-2026-30404", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T01:10:21.428Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-30404", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-24T01:08:24.998909Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T01:10:17.126Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/tianshiyeben/wgcloud/issues/98"}, {"url": "https://github.com/TTTlw1024/qwe/issues/3"}], "descriptions": [{"lang": "en", "value": "The backend database management connection test feature in wgcloud v3.6.3 has a server-side request forgery (SSRF) vulnerability. This issue can be exploited to make the server send requests to probe the internal network, remotely download malicious files, and perform other dangerous operations."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-19T15:48:52.924Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30404", "state": "PUBLISHED", "dateUpdated": "2026-03-24T01:10:21.428Z", "dateReserved": "2026-03-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-19T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wgstart:wgcloud:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE012BD6-0C9B-4F63-957E-78C9565F977C", "versionEndIncluding": "3.6.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The backend database management connection test feature in wgcloud v3.6.3 has a server-side request forgery (SSRF) vulnerability. This issue can be exploited to make the server send requests to probe the internal network, remotely download malicious files, and perform other dangerous operations."}, {"lang": "es", "value": "La caracter\u00edstica de prueba de conexi\u00f3n de gesti\u00f3n de base de datos de backend en wgcloud v3.6.3 tiene una vulnerabilidad de falsificaci\u00f3n de petici\u00f3n del lado del servidor (SSRF). Este problema puede ser explotado para hacer que el servidor env\u00ede peticiones para sondear la red interna, descargar archivos maliciosos de forma remota y realizar otras operaciones peligrosas."}], "id": "CVE-2026-30404", "lastModified": "2026-04-02T12:20:21.730", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-19T16:16:02.060", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://github.com/TTTlw1024/qwe/issues/3"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking"], "url": "https://github.com/tianshiyeben/wgcloud/issues/98"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.6.3"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "wgcloud", "vendor": "tianshiyeben"}], "analysis": {"en": {"generated_at": "2026-04-02T13:26:57.404312+00:00", "value": {"mitigation_remediation": ["Upgrade to the latest release of wgcloud that removes the vulnerable connection\u2011test endpoint.", "If an upgrade is not immediately possible, disable or block the database connection test feature in the application configuration or via API restrictions.", "Configure network segmentation or firewall rules to restrict outbound connections from the wgcloud server to only known, trusted destinations.", "Monitor logs for unexpected outbound HTTP requests or connection attempts originating from the wgcloud service."], "summary": {"action": "Immediate Patch", "impact": "Server\u2011side request forgery allowing the attacker to probe internal networks and download arbitrary files"}, "threat_synthesis": {"affected_systems": "The affected product is wgcloud version 3.6.3, distributed by the vendor wgstart. No other vendors or products are explicitly listed; the CPE string confirms a single product family. The flaw is limited to the database connection test functionality within this version.", "description_and_impact": "The vulnerability resides in the backend database management connection test feature of wgcloud 3.6.3 and enables a classic SSRF flaw (CWE\u2011918). When exercised, the server will send requests to arbitrary URLs specified by the attacker. This can be used to discover internal services, transfer sensitive data out of the protected network, or download malicious payloads for later exploitation. The impact is therefore the inadvertent disclosure or manipulation of internal data and the potential for further compromise, with confidentiality and integrity risks for the organization\u2019s internal resources.", "risk_and_exploitability": "The CVSS score of 7.5 denotes a high level of risk while the EPSS value of less than 1% suggests that current exploit attempts are rare. This vulnerability is not listed in the CISA KEV catalog, implying that widespread, publicly available exploits are not yet known. The likely attack vector requires exploitation of the API endpoint that initiates the connection test, possibly requiring authenticated access by an administrator or privileged user. Once accessed, the attacker can instruct the server to reach out to any internal or external address, exposing the network to reconnaissance and entry points for further attacks."}}}}, "created": "2026-03-20T08:58:07.118905+00:00", "updated": "2026-04-02T20:23:23.120600+00:00", "vendors": ["tianshiyeben", "tianshiyeben$PRODUCT$wgcloud"]}