CVE-2026-55477: Authenticated Arbitrary File Write via Database Import and Xray Log Path Manipulation

CVSS 7.2 · High · EPSS 0.34% · P26

Affected Version Matrix

Vendor | Product | Version Range | Status
MHSanaei | 3x-ui | < 3.3.1 | affected

I. Basic Information for CVE-2026-55477

Vulnerability Information


Vulnerability Title
Authenticated Arbitrary File Write via Database Import and Xray Log Path Manipulation
Source: NVD (National Vulnerability Database)
Vulnerability Description
3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functionality to achieve arbitrary file write on the host by modifying Xray configuration values stored in the database. This can be leveraged to obtain code execution and persistent access as the user running Xray (including root when Xray is running as root). This vulnerability is fixed in 3.3.1.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
External Control of File Name or Path
Source: NVD (National Vulnerability Database)
Vulnerability Title
MHSanaei 3X-UI Input Validation Error Vulnerability
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
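mhsanaei 3x-ui is an open-source panel management tool from the individual developer mhsanaei. MHSanaei 3X-UI versions prior to 3.3.1 contain an input validation error vulnerability. The vulnerability stems from abuse of the database import functionality: by modifying Xray configuration values stored in the database, an attacker can achieve arbitrary file write on the host, which may lead to code execution and persistent access.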
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor | Product | Affected Versions | CPE
MHSanaei | 3x-ui | < 3.3.1 | -

II. Public POCs for CVE-2026-55477


No public POC found.


III. Intelligence Information for CVE-2026-55477


Vendor Advisories for CVE-2026-55477 (1)
