CVE-2026-32230 Scanner
CVE-2026-32230 Scanner - Information Disclosure vulnerability in Uptime-Kuma
Short Info
Level
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
13 days 13 hours
Scan only one
URL
Toolbox
Uptime-Kuma is an open-source, self-hosted monitoring tool designed to help developers and system administrators track the uptime and performance of their services. It is widely used by individuals and organizations who need to ensure that their online services and servers are available to users without interruptions. With features like customizable notifications and detailed monitoring statistics, Uptime-Kuma provides crucial insights into the status of IT infrastructure. By monitoring downtime and performance metrics, it helps in making informed decisions for maintenance and improvements. Users appreciate its extensibility, ability to run on their servers, and its user-friendly interface.
The vulnerability detected in Uptime-Kuma prior to version 1.23.0 is classified as Information Disclosure. The issue arises due to improper access control on a specific endpoint, which allows unauthenticated users to access internal monitoring data. This includes leaking statistics about service pings, such as the average ping and ping history, which should only be visible to authenticated users. Such vulnerabilities can lead to unauthorized exposure of sensitive internal information, possibly aiding attackers in recon campaigns. Effective authorization checks were not implemented on the affected endpoint.
Technical details of the vulnerability reveal that the endpoint "/api/badge/1/ping/24" lacks proper authorization, allowing any user to request sensitive monitoring data. The vulnerable parameter is the ping data which gets exposed publicly without authentication barriers. Attackers can access detailed ping statistics which can provide insights into the performance and uptime metrics of monitored services. The endpoint incorrectly processed unauthenticated requests, leading to this disclosure.
The exploitation of this vulnerability could lead to several potential impacts. Unauthorized access to monitoring data gives attackers information about the network's uptime and performance, which can be used to strategize further attacks or exploit other weaknesses. Such data is undoubtedly valuable for reconnaissance efforts, allowing malicious users to understand the operational aspects of the target infrastructure. Although it might not cause direct harm, the exposure of these details can assist in planning and executing more sophisticated attacks.
REFERENCES
