id: CVE-2026-25892

info:
  name: Adminer 4.6.2 - 5.4.1 Unauthenticated Persistent DoS
  author: DhiyaneshDk
  severity: high
  description: |
    Adminer <= 5.4.1 contains a denial of service caused by lack of origin validation in version check endpoint, letting attackers trigger server errors via crafted POST requests, exploit requires no special privileges.
  impact: |
    Attackers can cause server errors resulting in denial of service for all users.
  remediation: Upgrade to Adminer 5.4.2 or later.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    cvss-score: 7.5
    cwe-id: CWE-20
    epss-score: 0.04457
    epss-percentile: 0.8926
  reference:
    - https://github.com/vrana/adminer/security/advisories/GHSA-q4f2-39gr-45jh
    - https://github.com/vrana/adminer/commit/21d3a3150388677b18647d68aec93b7850e457d3
  metadata:
    verified: true
    max-request: 3
    vendor: adminer
    product: adminer
    fofa-query: 'title="Adminer" || body="Adminer"'
    shodan-query: 'http.title:"Adminer"'
  tags: cve,cve2026,adminer,passive

http:
  - method: GET
    path:
      - '{{BaseURL}}/adminer.php'
      - '{{BaseURL}}/editor.php'
      - '{{BaseURL}}/adminer/'

    headers:
      Accept-Language: en-US,en;q=0.5
    stop-at-first-match: true

    redirects: true

    extractors:
      - type: regex
        name: version
        part: body
        group: 1
        regex:
          - '<span class="version">([0-9.]+)'
          - 'amp;version=([0-9.]+)'

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "Adminer</title>"
          - "Adminer</a>"
        condition: or

      - type: status
        status:
          - 200

      - type: dsl
        dsl:
          - 'compare_versions(version, ">=4.6.2", "<=5.4.1")'
# digest: 4a0a00473045022100a74822b947d5e5184eb0e2c59f29821a52bb8daa8825af29c31760fe3c9401aa02206a034b4b6581099410584955bfdf323278925ad2f9824b03748d617a655d8b5b:922c64590222798bb761d5b6d8e72950