CVE-2026-27895

Published: Mar 18, 2026 Last Modified: Mar 18, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 4,3

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: none

Integrity: low

Availability: none

Description

AI Translation Available

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. Prior to version 9.5, the PDF export component does not correctly validate uploaded file extensions. This way any file type (including .php files) can be uploaded. With GHSA-w7xq-vjr3-p9cf, an attacker can achieve remote code execution as the web server user. Version 9.5 fixes the issue. Although upgrading is recommended, a workaround would be to make /var/lib/ldap-account-manager/config read-only for the web-server user.

185

Incorrect Regular Expression

Draft

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Other Access Control

Potential Impacts:

Unexpected State Varies By Context Bypass Protection Mechanism

Applicable Platforms

All platforms may be affected

View CWE Details

https://github.com/LDAPAccountManager/lam/releases/tag/9.5

https://github.com/LDAPAccountManager/lam/security/advisori…

https://github.com/LDAPAccountManager/lam/security/advisories/GHSA-88hf-2cjm-m9…