{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/erp-app/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":9.8,"id":"CVE-2026-14807"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["ERP App"],"_cs_severities":["critical"],"_cs_tags":["hard-coded-credentials","erp","web-application","vulnerability"],"_cs_type":"advisory","_cs_vendors":["PROG MIS"],"content_html":"\u003cp\u003eA critical vulnerability, tracked as CVE-2026-14807, has been identified in the ERP App developed by PROG MIS. This flaw is categorized as a Use of Hard-coded Credentials (CWE-798), enabling unauthenticated remote attackers to bypass the application's authentication mechanisms. Exploitation of this vulnerability grants attackers unauthorized login access, allowing them to view the application's source code. From the exposed code, attackers can extract sensitive information, specifically the database account and password. This provides a direct path to the underlying database, leading to potential compromise of all data managed by the ERP system. The vulnerability carries a CVSS v3.1 base score of 9.8, underscoring its severe impact on confidentiality, integrity, and availability. All versions of the PROG MIS ERP App are affected.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated remote attacker identifies the PROG MIS ERP App as vulnerable to CVE-2026-14807.\u003c/li\u003e\n\u003cli\u003eThe attacker leverages the inherent hard-coded credentials (CWE-798) to gain unauthorized authenticated access to the ERP App without needing valid user credentials.\u003c/li\u003e\n\u003cli\u003eUpon successful login, the attacker navigates through the application interface to access functionalities that allow viewing or downloading of application code files.\u003c/li\u003e\n\u003cli\u003eThe attacker extracts sensitive hard-coded database connection strings, including the database account username and password, directly from the exposed application code.\u003c/li\u003e\n\u003cli\u003eUsing the newly acquired database credentials, the attacker establishes a direct, unauthorized connection to the ERP system's backend database.\u003c/li\u003e\n\u003cli\u003eWith direct database access, the attacker can then perform various malicious activities, such as exfiltrating sensitive company data, modifying critical business records, or deploying further persistence mechanisms.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe successful exploitation of CVE-2026-14807 has a severe impact on affected organizations utilizing the PROG MIS ERP App. Attackers gain complete access to the application's internal code, directly compromising intellectual property and potentially revealing further vulnerabilities. More critically, the database account and password can be obtained, leading to full compromise of the ERP system's underlying database. This allows for unauthorized viewing, modification, or deletion of sensitive financial, customer, and operational data, causing significant data breaches, operational disruption, and reputational damage. Given that ERP systems manage core business processes, the compromise could halt operations and incur substantial recovery costs.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrioritize patching or applying vendor-provided security updates for the PROG MIS ERP App to mitigate CVE-2026-14807 immediately.\u003c/li\u003e\n\u003cli\u003eReview all application code for the PROG MIS ERP App to identify and remediate any instances of hard-coded credentials (CWE-798), replacing them with secure credential management practices (e.g., environment variables, secret management services).\u003c/li\u003e\n\u003cli\u003eImplement network segmentation to restrict direct database access from the ERP application servers to only necessary ports and services, limiting the blast radius if the application layer is compromised.\u003c/li\u003e\n\u003cli\u003eConduct a thorough post-incident forensic analysis if exploitation is suspected to identify potential lateral movement or data exfiltration.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-06T08:34:41Z","date_published":"2026-07-06T08:34:41Z","id":"https://feed.craftedsignal.io/briefs/2026-07-hardcoded-erp/","summary":"An unauthenticated remote attacker can exploit a Use of Hard-coded Credentials vulnerability (CWE-798) in the ERP App developed by PROG MIS, allowing the attacker to log in to view application code and obtain database account and password information, leading to high impact on confidentiality, integrity, and availability.","title":"CVE-2026-14807: PROG MIS ERP App Hard-coded Credentials Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-07-hardcoded-erp/"}],"language":"en","title":"CraftedSignal Threat Feed - ERP App","version":"https://jsonfeed.org/version/1.1"}