CVE-2026-4536
Published: 22 March 2026
Summary
CVE-2026-4536 is a high-severity Improper Access Control (CWE-284) vulnerability. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 16.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Validates file upload inputs to block unrestricted uploads of dangerous types, directly addressing CWE-434 and CWE-284.
Enforces access controls to prevent unauthenticated remote manipulation leading to unrestricted file uploads.
Restricts types and amounts of information inputs to systems, mitigating unrestricted file upload capabilities.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Unrestricted file upload on public-facing web platform enables remote exploitation (T1190) and direct web shell deployment for execution/persistence (T1505.003).
NVD Description
A vulnerability was found in Acrel Environmental Monitoring Cloud Platform 1.1.0. This issue affects some unknown processing. Performing a manipulation results in unrestricted upload. The attack may be initiated remotely. The exploit has been made public and could be used.…
more
The vendor was contacted early about this disclosure but did not respond in any way.
Deeper analysisAI
CVE-2026-4536 is a vulnerability discovered in the Acrel Environmental Monitoring Cloud Platform version 1.1.0, affecting some unknown processing component. It allows for unrestricted file upload through manipulation, classified under CWE-284 (Improper Access Control) and CWE-434 (Unrestricted Upload of File with Dangerous Type). The issue carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L), indicating high severity due to its network accessibility and lack of prerequisites.
The vulnerability can be exploited remotely by unauthenticated attackers with low complexity and no user interaction required. Successful exploitation enables limited impacts on confidentiality, integrity, and availability, such as potential unauthorized file placement that could lead to further compromise depending on the uploaded content. An exploit has been made public and is available for use.
Advisories referenced in VulDB entries (ctiid.352324, id.352324, submit.774423) and a GitHub repository detail the issue but note that the vendor was contacted early for disclosure without any response, implying no official patches or mitigations are available at this time. Security practitioners should isolate or decommission affected instances where possible.
Details
- CWE(s)