CVE-2026-1196

3.1 LOW

📋 TL;DR

This vulnerability in MineAdmin 1.x/2.x allows remote attackers to access sensitive information through manipulation of the ID parameter in the /system/getFileInfoById endpoint. The attack requires high complexity but has been publicly disclosed, potentially affecting any system running vulnerable versions of MineAdmin.

💻 Affected Systems

Products:
  • MineAdmin
Versions: 1.x and 2.x
Operating Systems: All platforms running MineAdmin
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the /system/getFileInfoById endpoint specifically

⚠️ Risk & Real-World Impact

🔴 Worst Case

Sensitive system information, configuration data, or user data could be exposed to unauthorized remote attackers.

🟠 Likely Case

Limited information disclosure of system metadata or file details that could aid further attacks.

🟢 If Mitigated

No impact if proper access controls and input validation are implemented.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: HIGH

The exploit has been publicly disclosed but is highly complex to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Vendor did not respond to disclosure.

🔧 Temporary Workarounds

Block vulnerable endpoint

all

Restrict access to /system/getFileInfoById endpoint using web server or application firewall rules

# Example for nginx:
location ~ ^/system/getFileInfoById {
    deny all;
}

# Example for Apache (each directive must be on its own line):
<Location "/system/getFileInfoById">
    Require all denied
</Location>

Implement input validation

all

Add strict input validation for the ID parameter to prevent manipulation

# Implement server-side validation to ensure ID parameter matches expected format

🧯 If You Can't Patch

  • Implement network segmentation to isolate MineAdmin instances from untrusted networks
  • Deploy web application firewall with rules to detect and block parameter manipulation attempts

🔍 How to Verify

Check if Vulnerable:

Test if /system/getFileInfoById endpoint responds to manipulated ID parameters with unexpected information

Check Version:

Check MineAdmin version in application configuration or admin panel

Verify Fix Applied:

Verify endpoint no longer returns sensitive information with manipulated parameters

📡 Detection & Monitoring

Log Indicators:

  • Unusual access patterns to /system/getFileInfoById
  • Multiple failed parameter manipulation attempts

Network Indicators:

  • HTTP requests to /system/getFileInfoById with unusual parameter values

SIEM Query:

source="web_server" AND uri="/system/getFileInfoById" AND (param.ID contains suspicious_patterns)
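
One way to turn the log indicators above into a check, as an added example (not part of the original advisory and not MineAdmin code): it scans access-log lines for requests to /system/getFileInfoById and reports ID values that are missing or not short decimal integers, plus clients that request many distinct IDs. The query-parameter name `id`, the integer ID format, the threshold and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

ENDPOINT = "/system/getFileInfoById"
# Assumption: a legitimate ID is a short decimal integer; adjust to your data.
VALID_ID = re.compile(r"[0-9]{1,18}")
MAX_DISTINCT_IDS = 3  # assumed per-client limit within the scanned window

# Common/combined log format: capture the client address and request target.
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+)[^"]*" \d{3} ')

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Jan/2026:10:00:01 +0000] "GET /system/getFileInfoById?id=12 HTTP/1.1" 200 512
198.51.100.7 - - [10/Jan/2026:10:00:09 +0000] "GET /favicon.ico HTTP/1.1" 200 318
203.0.113.50 - - [10/Jan/2026:10:01:00 +0000] "GET /system/getFileInfoById?id=1 HTTP/1.1" 200 498
203.0.113.50 - - [10/Jan/2026:10:01:01 +0000] "GET /system/getFileInfoById?id=2 HTTP/1.1" 200 501
203.0.113.50 - - [10/Jan/2026:10:01:02 +0000] "GET /system/getFileInfoById?id=3 HTTP/1.1" 200 495
203.0.113.50 - - [10/Jan/2026:10:01:03 +0000] "GET /system/getFileInfoById?id=4 HTTP/1.1" 200 507
192.0.2.9 - - [10/Jan/2026:10:02:00 +0000] "GET /system/getFileInfoById?ID=12abc HTTP/1.1" 500 120
192.0.2.9 - - [10/Jan/2026:10:02:05 +0000] "GET /system/getFileInfoById HTTP/1.1" 500 120
"""

def scan(log_text):
    """Return (client, reason, detail) findings for the endpoint."""
    findings = []
    ids_by_client = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        client, target = m.groups()
        url = urlsplit(target)
        if url.path.rstrip("/") != ENDPOINT:
            continue
        query = parse_qsl(url.query, keep_blank_values=True)
        value = {k.lower(): v for k, v in query}.get("id")
        if value is None or not VALID_ID.fullmatch(value):
            findings.append((client, "unusual-id", value))  # missing or malformed
            continue
        ids_by_client[client].add(value)
    for client, ids in sorted(ids_by_client.items()):
        if len(ids) > MAX_DISTINCT_IDS:  # many different files requested
            findings.append((client, "many-distinct-ids", len(ids)))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Only parameters sent in the URL appear in access logs; if the ID is sent in a request body, the same checks have to run where the body is visible, such as a WAF or application log.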
