elecV2 elecV2P Server-Side Request Forgery Vulnerability (CVE-2026-5016)
A server-side request forgery vulnerability exists in elecV2 elecV2P up to 3.8.3, affecting the eAxios function within the /mock URL handler, allowing remote attackers to manipulate the req argument and potentially conduct internal reconnaissance or other malicious activities.
A server-side request forgery (SSRF) vulnerability, tracked as CVE-2026-5016, has been identified in elecV2 elecV2P versions up to 3.8.3. The vulnerability lies within the eAxios function of the /mock URL handler. By manipulating the req argument, a remote attacker can potentially force the server to make requests to arbitrary internal or external addresses. This could lead to the exposure of sensitive information, internal reconnaissance, or other malicious actions. The exploit is…
Detection coverage (2)
Detect Suspicious elecV2 SSRF via Mock Endpoint
medium: Detects potential Server-Side Request Forgery (SSRF) attempts targeting the /mock endpoint in elecV2 elecV2P by monitoring for suspicious URL patterns in the req parameter.
Detect elecV2 elecV2P Version Disclosure via HTTP Response
info: Detects potential version disclosure in elecV2 elecV2P HTTP responses, which can aid attackers in identifying vulnerable instances.
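The kind of target check the first rule describes, written here as an added example (it is not the platform's rule and not elecV2P code). It assumes the destination URL has already been extracted from a logged /mock request, since the page does not say how the req argument is carried; the function names and sample targets are constructed for illustration.

```javascript
// Added example: classify the destination URL of a logged /mock request.
// Assumption: the log pipeline has already extracted the target URL string.

// Internal IPv4 ranges as [network, prefix length].
const INTERNAL_V4 = [
  ['0.0.0.0', 8], ['10.0.0.0', 8], ['100.64.0.0', 10], ['127.0.0.0', 8],
  ['169.254.0.0', 16], ['172.16.0.0', 12], ['192.168.0.0', 16],
];
const toInt = (ip) => ip.split('.').reduce((n, o) => n * 256 + Number(o), 0);

function inInternalV4(ip) {
  const addr = toInt(ip);
  return INTERNAL_V4.some(([net, bits]) => {
    const size = 2 ** (32 - bits); // number of addresses in the block
    return Math.floor(addr / size) === Math.floor(toInt(net) / size);
  });
}

// Returns a reason string when the target looks internal, otherwise null.
function classifyMockTarget(rawUrl) {
  let url;
  try { url = new URL(rawUrl); } catch { return 'unparseable-url'; }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return 'non-http-scheme';
  // The WHATWG parser canonicalises decimal, hex and short IPv4 notations,
  // so the range check below always sees a plain dotted quad.
  const host = url.hostname.toLowerCase();
  if (/^\d+\.\d+\.\d+\.\d+$/.test(host)) return inInternalV4(host) ? 'internal-ipv4' : null;
  if (host.startsWith('[')) {
    const v6 = host.slice(1, -1);
    if (v6 === '::1' || v6 === '::') return 'internal-ipv6';
    // fc00::/7 (unique local) and fe80::/10 (link-local)
    if (/^f[cd][0-9a-f]{2}:/.test(v6) || /^fe[89ab][0-9a-f]:/.test(v6)) return 'internal-ipv6';
    if (v6.startsWith('::ffff:')) return 'ipv4-mapped-ipv6';
    return null;
  }
  if (host === 'localhost' || host.endsWith('.localhost')) return 'localhost-name';
  return null; // public-looking name; resolving DNS is out of scope for a log check
}

// Constructed sample targets, not taken from real traffic.
const SAMPLE_TARGETS = [
  'https://example.com/api', 'http://203.0.113.10/', 'http://169.254.169.254/latest/',
  'http://2130706433/', 'http://[::1]:8080/', 'http://localhost:3000/', 'ftp://example.com/',
];

// Targets from a batch that a rule of this kind would flag for review.
function flaggedTargets(targets) {
  return targets.filter((t) => classifyMockTarget(t) !== null);
}
```

A hostname that resolves to an internal address passes this check, so pair it with egress logs or resolver data when triaging.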