Cyber Resilience

CVE-2026-5756

High

Published: 14 April 2026

Published
14 April 2026
Modified
23 April 2026
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score 0.0001 2.5th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-5756 is a high-severity an unspecified weakness vulnerability in Datarecognitioncorp (inferred from references). Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 2.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).

Deeper analysis

CVE-2026-5756 is an unauthenticated configuration file modification vulnerability in DRC Central Office Services (COS). Published on 2026-04-14T18:17:39.600, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N). The issue allows attackers to modify the server's configuration file in this component.

Unauthenticated attackers with network access can exploit the vulnerability due to its low attack complexity and lack of required privileges or user interaction. Exploitation enables modification of the configuration file, potentially leading to mass data exfiltration, malicious traffic interception, or disruption of testing services.

Mitigation details are available in advisories from Data Recognition Corporation at https://www.datarecognitioncorp.com/ and CERT/CC vulnerability note VU#748485 at https://www.kb.cert.org/vuls/id/748485.

EU & UK References

Vulnerability details

Unauthenticated Configuration File Modification Vulnerability in DRC Central Office Services (COS) allows an attacker to modify the server's configuration file, potentially leading to mass data exfiltration, malicious traffic interception, or disruption of testing services.

CWE(s)
None listed

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The CVE describes an unauthenticated remote vulnerability allowing direct modification of a server's configuration file in a network-accessible component, which maps directly to exploitation of public-facing applications.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

Affected Assets

Datarecognitioncorp
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Enforces approved authorizations preventing unauthenticated attackers from modifying server configuration files.

prevent

Restricts access to configuration changes to authorized roles or users, directly blocking unauthorized modifications to the configuration file.

preventdetect

Explicitly defines and limits actions permitted without authentication, excluding configuration file modifications and monitoring such attempts.

References