CVE-2026-24728
Lifecycle Timeline
2DescriptionCVE.org
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication.
AnalysisAI
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions up to 2025 is affected by missing authentication for critical function.
Technical ContextAI
This vulnerability (CWE-306: Missing Authentication for Critical Function) affects A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker. A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication.
Affected ProductsAI
Product: A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker. Versions: up to 2025.
RemediationAI
Monitor vendor advisories for a patch.
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today