Security Advisory

CVE-2026-29909

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-30 00:00:00

Last updated 2026-03-30 19:24:14

Assigner mitre

State PUBLISHED

Description

MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/file/list.do endpoint lacks authentication controls and proper input validation, allowing remote attackers to enumerate directory contents on the server without any credentials.

← Browse all CVEs View on cve.org ↗