Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
qinming99 dst-admin Delete Backup Function Can Be Disrupted Remotely
CVE-2026-2957
Summary
A security issue in the delete backup feature of qinming99 dst-admin version 1.5.0 and earlier can allow an attacker to disrupt this function, potentially causing service disruptions. This issue can be exploited remotely and exploit code is publicly available. It's recommended to update to the latest version of qinming99 dst-admin to address this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| dst-admin_project | dst-admin | <= 1.5.0 | – |
Original title
A weakness has been identified in qinming99 dst-admin up to 1.5.0. This impacts the function deleteBackup of the file src/main/java/com/tugos/dst/admin/controller/BackupController.java of the compo...
Original description
A weakness has been identified in qinming99 dst-admin up to 1.5.0. This impacts the function deleteBackup of the file src/main/java/com/tugos/dst/admin/controller/BackupController.java of the component File Handler. This manipulation causes denial of service. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS2.0
5.5
nvd CVSS3.1
8.1
nvd CVSS4.0
5.3
Vulnerability type
CWE-404
- https://fx4tqqfvdw4.feishu.cn/docx/YKwydLrdno51JtxJksmcWSfbnvd?from=from_copylin... Exploit Third Party Advisory
- https://vuldb.com/?ctiid.347324 Permissions Required VDB Entry
- https://vuldb.com/?id.347324 Third Party Advisory VDB Entry
- https://vuldb.com/?submit.754510 Third Party Advisory VDB Entry
Published: 22 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026