EUVD-2026-17622
GHSA-7fh7-8xqm-3g88
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
4Description
Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, Admidio relies on adm_my_files/.htaccess to deny direct HTTP access to uploaded documents. The Docker image ships with AllowOverride None in the Apache configuration, which causes Apache to silently ignore all .htaccess files. As a result, any file uploaded to the documents module regardless of the role-based permissions configured in the UI, is directly accessible over HTTP without authentication by anyone who knows the file path. The file path is disclosed in the upload response JSON. This issue has been patched in version 5.0.8.
Analysis
Unauthenticated remote access to restricted documents in Admidio 5.0.0-5.0.7 Docker deployments allows disclosure of role-protected files. The Docker image's Apache configuration disables .htaccess processing (AllowOverride None), bypassing intended access controls on uploaded documents. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all Admidio Docker deployments using versions 5.0.0-5.0.7 and take instances offline or restrict network access. Within 7 days: Upgrade to Admidio 5.0.8 or later (verify availability with vendor), or deploy a reverse proxy (nginx/Apache) with explicit authentication rules for /documents/* paths before Admidio. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today