{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-31271", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-07T17:21:35.549Z", "dateReserved": "2026-03-09T00:00:00.000Z", "datePublished": "2026-04-07T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-07T17:21:35.549Z"}, "descriptions": [{"lang": "en", "value": "megagao production_ssm v1.0 contains an authorization bypass vulnerability in the user addition functionality. The insert() method in UserController.java lacks authentication checks, allowing unauthenticated attackers to create super administrator accounts by directly accessing the /user/insert endpoint. This leads to complete system compromise."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/clockw1se0v0/Vul/blob/main/production_ssm/Unauthorized.md"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}}, "dataVersion": "5.2"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "megagao production_ssm v1.0 contains an authorization bypass vulnerability in the user addition functionality. The insert() method in UserController.java lacks authentication checks, allowing unauthenticated attackers to create super administrator accounts by directly accessing the /user/insert endpoint. This leads to complete system compromise."}], "id": "CVE-2026-31271", "lastModified": "2026-04-08T21:27:00.663", "metrics": {}, "published": "2026-04-07T18:16:41.000", "references": [{"source": "cve@mitre.org", "url": "https://github.com/clockw1se0v0/Vul/blob/main/production_ssm/Unauthorized.md"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis"}

{}

{"analysis": {"en": {"generated_at": "2026-04-07T22:55:44.164416+00:00", "value": {"mitigation_remediation": ["Apply a patched version of megagao production_ssm that enforces authentication on the user insertion functionality.", "If a patch is not immediately available, restrict or disable the /user/insert endpoint for unauthenticated users until a fix is deployed.", "Implement server\u2011side verification to ensure only authorized users can create administrator accounts.", "Review all other application endpoints for similar authorization bypasses.", "Monitor application logs for unexpected creation of high\u2011privilege accounts and investigate anomalies."], "summary": {"action": "Patch\u00a0Now", "impact": "Unauthorized privileged account creation leading to full system compromise"}, "threat_synthesis": {"affected_systems": "megagao production_ssm version 1.0 is impacted. No other vendors or products are documented as affected in the current advisory.", "description_and_impact": "The vulnerability exists in the \ninsert() method of UserController.java, which omits authentication checks. When a client invokes the \n/user/insert endpoint, an attacker can create a super administrator account without providing credentials. This privileges escalation gives the attacker complete control over the application, allowing modification or deletion of data, unauthorized access to sensitive information, and overall compromise of confidentiality, integrity, and availability.", "risk_and_exploitability": "Because the endpoint can be reached without authentication, exploitation can occur from any network location that can reach the application. The EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog, but the lack of authentication makes the risk high and the potential damage extensive. The likely attack vector is a remote HTTP request to the /user/insert endpoint, inferred from the absence of authentication controls."}}}}, "created": "2026-04-08T19:50:23.761558+00:00", "title": "Authorization Bypass Allowing Privileged Account Creation in megagao production_ssm", "updated": "2026-04-08T19:50:23.761586+00:00", "vendors": [], "weaknesses": ["CWE-284", "CWE-269"]}