MacCMS 2025.1000.4052 Missing Authentication Vulnerability (CVE-2026-4562)
A missing authentication vulnerability exists in MacCMS 2025.1000.4052, specifically affecting the Timming API Endpoint component in application/api/controller/Timming.php, allowing remote attackers to bypass authentication.
CVE-2026-4562 details a missing authentication vulnerability within MacCMS version 2025.1000.4052. The vulnerability is located in the application/api/controller/Timming.php file, specifically within the Timming API Endpoint component. This flaw allows unauthenticated remote attackers to execute actions that should normally require authentication. The vulnerability has been publicly disclosed, increasing the risk of exploitation. Defenders should prioritize identifying and mitigating…
Detection coverage 2
Detect Access to MacCMS Timming API Endpoint
mediumDetects access to the Timming API endpoint in MacCMS, which is vulnerable to authentication bypass.
Detect POST Requests to MacCMS Timming API Endpoint
highDetects POST requests to the Timming API endpoint, potentially indicating an exploit attempt.
Detection queries are kept inside the platform. Get full rules →