Primary

Context

DrangSoft GCB/FCB Audit Software Missing Authentication Vulnerability Allowing Unauthenticated Account Creation

Vulnerability

A missing authentication vulnerability has been identified in GCB/FCB Audit Software developed by DrangSoft, affecting versions prior to 20260108. This vulnerability allows unauthenticated remote attackers to access certain APIs and create new administrative accounts.

Impact

Exploitation of this vulnerability allows for the creation of administrative accounts, potentially leading to unauthorized access and control within the application.

Remediation

Users are advised to update the software to version 20260108 or later.

Added: Mar 17, 2026, 8:19 AM

Updated: Mar 17, 2026, 8:19 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

4.0

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

4.0

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

DrangSoft GCB/FCB Audit Software Missing Authentication Vulnerability Allowing Unauthenticated Account Creation

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating