CVE-2026-2669

6.5 MEDIUM

📋 TL;DR

This vulnerability allows unauthorized deletion of user accounts in the Rongzhitong Visual Integrated Command and Dispatch Platform due to improper access controls. Remote attackers can exploit this to delete arbitrary user accounts without proper authentication. Organizations using this platform up to version 20260206 are affected.

💻 Affected Systems

Products:
  • Rongzhitong Visual Integrated Command and Dispatch Platform
Versions: Up to and including 20260206
Operating Systems: Not specified - likely platform independent
Default Config Vulnerable: ⚠️ Yes
Notes: The flaw is in the User Handler component and is reached through the /dm/dispatch/user/delete endpoint by manipulating the ID parameter.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of user management system leading to service disruption, privilege escalation, or denial of service through mass account deletion.

🟠 Likely Case

Unauthorized deletion of administrative or regular user accounts causing operational disruption and potential data loss.

🟢 If Mitigated

Limited impact with proper network segmentation and authentication controls in place.

🌐 Internet-Facing: HIGH - Remote exploitation is possible and exploit details are publicly available.
🏢 Internal Only: MEDIUM - Internal attackers could exploit this if they have network access to the system.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly disclosed on GitHub and vuldb.com. The vendor has not responded to disclosure attempts.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Monitor vendor communications for updates.

🔧 Temporary Workarounds

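Network Access Restriction

Platform: linux

Restrict access to the service port to trusted source addresses using firewall rules, or filter the vulnerable endpoint with a web application firewall. The iptables rules below apply to the whole port, not only the endpoint, and because -A appends to the chain they only take effect if no earlier rule already accepts the traffic.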

iptables -A INPUT -p tcp --dport [PORT] -s [TRUSTED_IPS] -j ACCEPT
iptables -A INPUT -p tcp --dport [PORT] -j DROP

Endpoint Blocking

Platform: all

Block access to the specific vulnerable endpoint /dm/dispatch/user/delete

# Configure web server to block /dm/dispatch/user/delete path

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate the vulnerable system from untrusted networks.
  • Deploy web application firewall with rules to detect and block exploitation attempts targeting the user deletion endpoint.

🔍 How to Verify

Check if Vulnerable:

Check if your system version is 20260206 or earlier and has the /dm/dispatch/user/delete endpoint accessible.

Check Version:

Check application version in admin interface or configuration files (specific command depends on installation).

Verify Fix Applied:

Test if unauthorized user deletion attempts are properly blocked after implementing workarounds.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to /dm/dispatch/user/delete
  • Multiple user deletion events from single IP
  • User deletion events without proper authentication logs

Network Indicators:

  • HTTP POST requests to /dm/dispatch/user/delete with ID parameter manipulation
  • Unusual traffic patterns to user management endpoints

SIEM Query:

source="web_logs" AND uri="/dm/dispatch/user/delete" AND (response_code=200 OR response_code=302) AND NOT user_authenticated=true
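
The log indicators above can also be checked offline against a reverse-proxy access log. The script below is an added example, not part of the advisory or the vendor's tooling: it assumes the "combined" log layout with the authenticated user in the remote-user field, and the function name, reason labels, threshold and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

ENDPOINT = "/dm/dispatch/user/delete"   # path named in the advisory
SUCCESS = {"200", "302"}                # same status codes as the SIEM query

# Assumption: "combined" access-log layout, with the proxy writing the
# authenticated user (or "-") into the remote-user field.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)

def triage_delete_requests(lines, trusted_ips=frozenset(), burst=3):
    """Map source IP -> sorted reasons its delete-endpoint requests need review."""
    counts = defaultdict(int)
    reasons = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["status"] not in SUCCESS:
            continue
        # Normalise: drop the query string, decode %xx, ignore a trailing slash.
        path = unquote(urlsplit(m["target"]).path).rstrip("/")
        if path != ENDPOINT:
            continue
        ip = m["ip"]
        counts[ip] += 1
        if m["user"] == "-":
            reasons[ip].add("no_authenticated_user")
        if ip not in trusted_ips:
            reasons[ip].add("untrusted_source")
        if counts[ip] >= burst:
            reasons[ip].add("burst_of_deletions")
    return {ip: sorted(r) for ip, r in reasons.items()}

# Constructed sample lines (documentation IP ranges, not real traffic).
_REQ = '"POST /dm/dispatch/user/delete HTTP/1.1"'
SAMPLE = [
    f'203.0.113.7 - - [10/Feb/2026:09:14:01 +0000] {_REQ} 200 45 "-" "-"',
    f'203.0.113.7 - - [10/Feb/2026:09:14:02 +0000] {_REQ} 200 45 "-" "-"',
    f'203.0.113.7 - - [10/Feb/2026:09:14:03 +0000] {_REQ} 200 45 "-" "-"',
    f'192.0.2.10 - admin [10/Feb/2026:10:00:00 +0000] {_REQ} 200 45 "-" "-"',
    f'198.51.100.4 - - [10/Feb/2026:11:30:00 +0000] {_REQ} 401 12 "-" "-"',
]

if __name__ == "__main__":
    for ip, why in triage_delete_requests(SAMPLE, {"192.0.2.10"}).items():
        print(ip, ", ".join(why))
```

If the platform tracks sessions in cookies rather than HTTP authentication, the remote-user field is always "-" and that reason flags every request; in that case rely on the source-address and burst checks, or extend the proxy log format to record the session.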
