{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4831", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-25T14:11:38.305Z", "datePublished": "2026-03-26T01:02:35.060Z", "dateUpdated": "2026-03-26T14:16:51.497Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-26T01:02:35.060Z"}, "title": "kalcaddle kodbox Password-protected Share auth.class.php can improper authentication", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-287", "lang": "en", "description": "Improper Authentication"}]}], "affected": [{"vendor": "kalcaddle", "product": "kodbox", "versions": [{"version": "1.64", "status": "affected"}], "modules": ["Password-protected Share Handler"]}], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in kalcaddle kodbox 1.64. Impacted is the function can of the file /workspace/source-code/app/controller/explorer/auth.class.php of the component Password-protected Share Handler. Performing a manipulation results in improper authentication. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.3, "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-03-25T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-25T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-25T15:16:46.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "vulnplusbot (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/?id.353128", "name": "VDB-353128 | kalcaddle kodbox Password-protected Share auth.class.php can improper authentication", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.353128", "name": "VDB-353128 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.775502", "name": "Submit #775502 | Kodbox 1.64 Improper Access Controls", "tags": ["third-party-advisory"]}, {"url": "https://vulnplus-note.wetolink.com/share/xdk9igJ3sulk", "tags": ["exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T14:16:44.579794Z", "id": "CVE-2026-4831", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T14:16:51.497Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4831", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T14:16:44.579794Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T14:16:47.935Z"}}], "cna": {"title": "kalcaddle kodbox Password-protected Share auth.class.php can improper authentication", "credits": [{"lang": "en", "type": "reporter", "value": "vulnplusbot (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "kalcaddle", "modules": ["Password-protected Share Handler"], "product": "kodbox", "versions": [{"status": "affected", "version": "1.64"}]}], "timeline": [{"lang": "en", "time": "2026-03-25T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-03-25T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-03-25T15:16:46.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.353128", "name": "VDB-353128 | kalcaddle kodbox Password-protected Share auth.class.php can improper authentication", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.353128", "name": "VDB-353128 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.775502", "name": "Submit #775502 | Kodbox 1.64 Improper Access Controls", "tags": ["third-party-advisory"]}, {"url": "https://vulnplus-note.wetolink.com/share/xdk9igJ3sulk", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in kalcaddle kodbox 1.64. Impacted is the function can of the file /workspace/source-code/app/controller/explorer/auth.class.php of the component Password-protected Share Handler. Performing a manipulation results in improper authentication. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-287", "description": "Improper Authentication"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-26T01:02:35.060Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4831", "state": "PUBLISHED", "dateUpdated": "2026-03-26T14:16:51.497Z", "dateReserved": "2026-03-25T14:11:38.305Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-03-26T01:02:35.060Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in kalcaddle kodbox 1.64. Impacted is the function can of the file /workspace/source-code/app/controller/explorer/auth.class.php of the component Password-protected Share Handler. Performing a manipulation results in improper authentication. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."}], "id": "CVE-2026-4831", "lastModified": "2026-03-26T02:16:08.113", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-03-26T02:16:08.113", "references": [{"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.353128"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.353128"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.775502"}, {"source": "cna@vuldb.com", "url": "https://vulnplus-note.wetolink.com/share/xdk9igJ3sulk"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.64"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "kodbox", "source": "cna", "vendor": "kalcaddle"}, "product": "kodbox", "vendor": "kalcaddle"}], "analysis": {"en": {"generated_at": "2026-03-26T04:20:36.708414+00:00", "value": {"mitigation_remediation": ["Apply any available patch from kalcaddle for version 1.64 as soon as it is released.", "If a patch is not yet available, disable the Password\u2011Protected Share Handler or remove the auth class from the publicly exposed web root until a fix isRestrict external access to the kodbox installation with firewall rules or network segmentation so that only trusted hosts can reach the vulnerable endpoint.", "Implement an additional authentication layer, such as multi\u2011factor authentication, around the protected resource area.", "Monitor access logs for repeated failed or suspicious login attempts and alert on potential exploitation attempts."], "summary": {"action": "Patch ASAP", "impact": "Improper Authentication enabling unauthorized access"}, "threat_synthesis": {"affected_systems": "The vulnerability affects kalcaddle kodbox version 1.64. No other vendors or products are listed as impacted.", "description_and_impact": "A flaw in the Password\u2011Protected Share Handler of kalcaddle kodbox allows an attacker to bypass authentication in the auth.class.php controller. By manipulating the request, an unauthorized user can gain access to protected resources and view or download data that should be restricted. This unauthorized access is a direct result of an authentication failure (CWE-287).", "risk_and_exploitability": "The CVSS score of 6.3 indicates moderate severity, and the absence of an EPSS entry combined with the fact that it is not listed in CISA's Known Exploited Vulnerabilities catalog suggests limited widespread exploitation so far. However, a public exploit has been released and the attack can be performed remotely. The complexity is high and the exploitability is considered difficult, yet an attacker with sufficient skill can forge a request that bypasses the authentication check and gain unauthorized access."}}}}, "created": "2026-03-26T11:30:52.142097+00:00", "updated": "2026-03-26T12:08:53.750530+00:00", "vendors": ["kalcaddle", "kalcaddle$PRODUCT$kodbox"]}