Login Sign Up

CVE-2026-1194

5.3 MEDIUM

📋 TL;DR

A security vulnerability in MineAdmin 1.x/2.x allows remote attackers to exploit the Swagger component to disclose sensitive information. This affects all systems running vulnerable versions of MineAdmin with Swagger enabled. The exploit is publicly available and can be executed remotely without authentication.

💻 Affected Systems

Products:
  • MineAdmin
Versions: 1.x and 2.x
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with Swagger component enabled. The vulnerability is in the Swagger implementation within MineAdmin.

📦 What is this software?

Mineadmin by Mineadmin

View all CVEs affecting Mineadmin →

Mineadmin by Mineadmin

View all CVEs affecting Mineadmin →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could access sensitive configuration data, API keys, database credentials, or other internal information that could lead to further system compromise.

🟠

Likely Case

Unauthorized disclosure of internal API documentation, configuration details, or system information that could aid attackers in reconnaissance for further attacks.

🟢

If Mitigated

Limited exposure of non-critical information if proper network segmentation and access controls are implemented.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit code is publicly available on GitHub. Attack can be performed remotely without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Vendor was contacted but did not respond. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Disable Swagger Component

all

Disable the Swagger component in MineAdmin configuration to prevent exploitation

Edit MineAdmin configuration to disable Swagger endpoints

Network Access Control

linux

Restrict network access to MineAdmin Swagger endpoints using firewall rules

iptables -A INPUT -p tcp --dport [MineAdmin_port] -s [allowed_ips] -j ACCEPT
iptables -A INPUT -p tcp --dport [MineAdmin_port] -j DROP

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate MineAdmin instances from untrusted networks
  • Deploy web application firewall (WAF) rules to block access to Swagger endpoints

🔍 How to Verify

Check if Vulnerable:

Check if MineAdmin version is 1.x or 2.x and Swagger endpoints are accessible

Check Version:

Check MineAdmin version in application configuration or admin interface

Verify Fix Applied:

Verify Swagger endpoints are no longer accessible or return appropriate access denied responses

📡 Detection & Monitoring

Log Indicators:

  • Unusual access patterns to Swagger endpoints
  • Multiple failed access attempts to /swagger or /api-docs paths

Network Indicators:

  • External IP addresses accessing Swagger documentation endpoints
  • Traffic to /swagger-ui.html or similar paths

SIEM Query:

source_ip=external AND (url_path CONTAINS 'swagger' OR url_path CONTAINS 'api-docs') AND status_code=200

📊 Metadata

CVE ID: CVE-2026-1194
CVSS v3 Score: 5.3 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE: CWE-200
EPSS Score: 0.04% exploit probability (10.4th percentile)
Published: January 20, 2026
Last Updated: February 5, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2026-1194, you might also want to check these:

CVE-2025-61481 10.0

MikroTik RouterOS and SwOS expose their WebFig management interface over unencrypted HTTP by default...

Same vulnerability type (CWE-200)
CVE-2025-53624 10.0

The Docusaurus gists plugin versions before 4.0.0 expose GitHub Personal Access Tokens in client-sid...

Same vulnerability type (CWE-200)
CVE-2023-49103 10.0

This vulnerability in ownCloud's graphapi app exposes PHP configuration details (phpinfo) via a thir...

Same vulnerability type (CWE-200)