CVE-2026-3110
Description
Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the endpoint '/administracion/admin_usuarios.cgi?filtro_estado=T&wAccion=listado_xlsx&wBuscar=&wFiltrar=&wOrden=alta_usuario&wid_cursoActual=[ID]' where the data of users enrolled in the course is exported. Successful exploitation of this vulnerability could allow an unauthenticated attacker to access user data (e.g., usernames, first and last names, email addresses, and phone numbers) and retrieve the data of all users enrolled in courses by performing a brute-force attack on the course ID via a manipulated URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An unauthenticated attacker can access personal data of all users enrolled in courses via an IDOR vulnerability in Campus Educativa by brute-forcing the course ID.
Root Cause
CVE-2026-3110 is an Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa, an e-learning platform. The flaw exists in the endpoint /administracion/admin_usuarios.cgi?filtro_estado=T&wAccion=listado_xlsx&wBuscar=&wFiltrar=&wOrden=alta_usuario&wid_cursoActual=[ID], which is designed to export the list of users enrolled in a specific course. The [ID] parameter directly references the course identifier without proper authorization checks, allowing an unauthenticated attacker to manipulate this parameter [1].
Exploitation
An attacker can exploit this vulnerability without any authentication by sending crafted requests to the vulnerable endpoint. By brute-forcing numeric course IDs, the attacker can enumerate all courses and retrieve the enrolment list for each one. The attacker only needs network access to the application; no special privileges are required [1].
Impact
Successful exploitation allows the attacker to access sensitive personal data of users, including usernames, first and last names, email addresses, and phone numbers. This data exposure affects all users enrolled in any course, potentially leading to privacy breaches, targeted phishing campaigns, or identity theft [1].
Mitigation
The vendor, Educativa, has addressed this vulnerability in version 14.05.00-159 and later releases. Users of the product are strongly advised to upgrade to the latest version to remediate the issue [1].
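A log review for the course-ID enumeration described under Exploitation, for checking access logs that predate the upgrade. This is an added example, not part of the advisory or the vendor's code; it assumes web-server access logs in combined format, and the sample lines, status codes, threshold and function names are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

EXPORT_PATH = "/administracion/admin_usuarios.cgi"  # endpoint named in the advisory
QUERY = ("filtro_estado=T&wAccion=listado_xlsx&wBuscar=&wFiltrar="
         "&wOrden=alta_usuario&wid_cursoActual=")

def _line(ip, target, status):
    """Build one constructed log line in combined format (assumed log format)."""
    return f'{ip} - - [19/May/2026:10:00:00 +0000] "GET {target} HTTP/1.1" {status} 512 "-" "-"'

# Constructed sample input: one client walking course IDs, one exporting a single course.
SAMPLE_LOG = [
    _line("203.0.113.7", f"{EXPORT_PATH}?{QUERY}101", 200),
    _line("203.0.113.7", f"{EXPORT_PATH}?{QUERY}102", 200),
    _line("203.0.113.7", f"{EXPORT_PATH}?{QUERY}103", 404),
    _line("203.0.113.7", f"{EXPORT_PATH}?{QUERY}104", 200),
    _line("198.51.100.20", f"{EXPORT_PATH}?{QUERY}57", 200),
    _line("198.51.100.20", f"{EXPORT_PATH}?{QUERY}57", 200),
    _line("198.51.100.20", f"{EXPORT_PATH}?wAccion=listado&wid_cursoActual=58", 200),
    "unparseable line",
]

LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

def export_hits(lines):
    """Yield (client_ip, course_id, status) for each request to the user-export action."""
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        qs = parse_qs(url.query, keep_blank_values=True)
        if url.path == EXPORT_PATH and qs.get("wAccion") == ["listado_xlsx"]:
            for course_id in qs.get("wid_cursoActual", []):
                yield m["ip"], course_id, int(m["status"])

def find_enumeration(lines, min_distinct_ids=3):
    """Map each client that requested >= min_distinct_ids courses to what it got back."""
    requested, exported = defaultdict(set), defaultdict(set)
    for ip, course_id, status in export_hits(lines):
        requested[ip].add(course_id)
        if status == 200:  # export returned data
            exported[ip].add(course_id)
    return {ip: {"requested": len(ids), "exported": sorted(exported[ip])}
            for ip, ids in requested.items() if len(ids) >= min_distinct_ids}

if __name__ == "__main__":
    for ip, hit in find_enumeration(SAMPLE_LOG).items():
        print(f"{ip}: {hit['requested']} course IDs requested, exported {hit['exported']}")
```

Course IDs listed under "exported" identify the enrolment lists whose users' data should be treated as disclosed.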
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2
Patches
0
No patches discovered yet.
References
1