CVE-2026-3794 is a medium-severity improper authentication vulnerability discovered in doramart DoraCMS version 3.0.x, specifically within the Email API component at the endpoint /api/v1/mail/send. The vulnerability arises due to improper processing of requests to this API, which allows remote attackers to bypass authentication mechanisms entirely. The flaw requires no privileges, no user interaction, and can be exploited remotely over the network, making it relatively easy to leverage. The vulnerability affects the confidentiality, integrity, and availability of the affected system to a limited extent, as unauthorized actors could potentially send emails or perform other actions via the API, which may lead to information leakage or further attacks such as phishing or spam campaigns. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P) indicates no authentication or user interaction is required, with low attack complexity and partial impacts on confidentiality, integrity, and availability. The vendor has not issued any patches or advisories, and public exploit code is available, increasing the urgency for organizations to take mitigating actions. The vulnerability is currently not known to be exploited in the wild but poses a significant risk due to the availability of exploits and lack of vendor response.

The improper authentication vulnerability in DoraCMS 3.0.x can allow remote attackers to bypass authentication controls on the Email API endpoint, potentially enabling unauthorized email sending or manipulation of email-related functions. This can lead to information disclosure, unauthorized actions within the CMS, and facilitate further attacks such as phishing, spam distribution, or lateral movement within the network. Organizations relying on DoraCMS for website or content management may face reputational damage, data breaches, or service disruption. The lack of vendor response and patches increases the risk of exploitation, especially since public exploit code is available. The impact is particularly concerning for organizations that use DoraCMS in customer-facing or critical communication roles, as attackers could abuse the email functionality to impersonate legitimate communications or exfiltrate data.

Since no official patch or vendor response is available, organizations should implement the following mitigations: 1) Restrict network access to the vulnerable API endpoint (/api/v1/mail/send) using firewalls or web application firewalls (WAF) to allow only trusted IP addresses or internal networks. 2) Monitor and log all requests to the Email API endpoint for unusual or unauthorized activity. 3) Employ rate limiting and anomaly detection to detect and block suspicious email sending patterns. 4) If possible, disable or restrict the Email API functionality until a patch is available. 5) Conduct thorough security assessments and penetration tests to identify any exploitation attempts. 6) Keep DoraCMS installations isolated from critical internal systems to limit lateral movement. 7) Stay alert for any updates or patches from the vendor or community and apply them promptly. 8) Educate staff about phishing risks that could arise from exploitation of this vulnerability. These targeted controls go beyond generic advice by focusing on network-level restrictions, monitoring, and operational controls specific to the vulnerable API.