Hospital Management System Hit by Remote Unrestricted File Upload
The National Vulnerability Database (NVD) has disclosed CVE-2026-6602, a high-severity vulnerability affecting rickxy Hospital Management System up to commit 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4. The flaw, scored CVSS 7.3, is an unrestricted file upload caused by improper handling of the ad_dpic argument in /backend/admin/his_admin_account.php. It can be exploited remotely, and public exploit code is already available.
This isn’t just a theoretical bug; it’s a critical remote code execution vector. An attacker can upload a malicious web shell, gaining persistent access and control over the system. For hospital systems, this means direct access to patient data, operational disruption, or even the deployment of ransomware. The NVD notes that rickxy employs a rolling release model, making specific versioning for affected or updated releases unavailable, which complicates patching efforts.
Defenders must prioritize identifying instances of rickxy Hospital Management System within their environments. Given the public exploit and remote attack vector, this vulnerability presents an immediate and severe risk. Without clear versioning, assume all installations are vulnerable unless proven otherwise. Focus on network segmentation to isolate these systems and implement robust egress filtering to prevent outbound connections from compromised servers.
What This Means For You
- If your organization uses rickxy Hospital Management System, assume it's compromised or imminently at risk. This unrestricted file upload is a direct path to remote code execution. Immediately isolate these systems from the internet and internal networks. Patching may be complex due to the rolling release model, so focus on compensating controls: strong network segmentation, strict access controls, and continuous monitoring for suspicious file uploads or outbound connections from these servers. Audit logs for `/backend/admin/his_admin_account.php` and any unexpected file creations.
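The two monitoring steps above (auditing access logs for the vulnerable endpoint and checking unexpected file creations) can be scripted. The following is an added example written for this page, not code from rickxy or from the original advisory. It assumes web server logs in the common combined format; the log lines, the source addresses and the `/backend/admin/uploads/` directory are constructed sample values, not paths taken from the product.

```python
"""Defender-side triage for the rickxy HMS upload flaw: flag POSTs to the
vulnerable endpoint in access logs, correlate them with later requests for
server-side scripts from the same source, and inspect files found on disk."""
import re
from datetime import datetime

VULN_PATH = "/backend/admin/his_admin_account.php"
# Extensions a typical PHP web server would execute if an upload carried them.
EXEC_EXT = re.compile(r"\.(php\d?|phtml|phar|phps)(\?|$)", re.IGNORECASE)
# PHP open tags inside file content, regardless of the claimed extension.
PHP_TAG = re.compile(rb"<\?(php|=)", re.IGNORECASE)

# Apache/nginx "combined" log format (assumption about the deployment).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

# Constructed sample log lines (not real traffic); the uploads directory is invented.
SAMPLE_ACCESS_LOG = """\
10.0.0.5 - - [20/Apr/2026:07:20:01 +0000] "GET /backend/admin/his_admin_account.php HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
203.0.113.7 - - [20/Apr/2026:07:21:13 +0000] "POST /backend/admin/his_admin_account.php HTTP/1.1" 302 0 "-" "python-requests/2.31"
203.0.113.7 - - [20/Apr/2026:07:21:15 +0000] "GET /backend/admin/uploads/avatar.php HTTP/1.1" 200 87 "-" "python-requests/2.31"
10.0.0.8 - - [20/Apr/2026:07:22:40 +0000] "GET /index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.strptime(ev["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return ev


def find_upload_alerts(log_text, window_s=300, known_scripts=frozenset({VULN_PATH})):
    """Return alerts for every POST to the vulnerable path, plus any request from
    the same source for an executable script within window_s seconds afterwards.
    known_scripts lists legitimate application scripts to ignore in the correlation;
    extend it with the deployment's real script list to reduce noise."""
    events = [e for e in (parse_line(l) for l in log_text.splitlines()) if e]
    alerts = []
    for i, ev in enumerate(events):
        if ev["method"] != "POST" or ev["path"].split("?")[0] != VULN_PATH:
            continue
        alerts.append({"kind": "upload_attempt", "ip": ev["ip"], "ts": ev["ts"],
                       "status": ev["status"], "ua": ev["ua"]})
        for later in events[i + 1:]:  # log is assumed chronological
            if (later["ts"] - ev["ts"]).total_seconds() > window_s:
                break
            clean = later["path"].split("?")[0]
            if later["ip"] == ev["ip"] and EXEC_EXT.search(later["path"]) and clean not in known_scripts:
                alerts.append({"kind": "script_fetch_after_upload", "ip": later["ip"],
                               "ts": later["ts"], "path": clean})
    return alerts


def check_uploaded_file(name, data):
    """Reasons a file in the profile-picture upload area should be treated as hostile:
    executable extension, PHP tags in the bytes, or content that is not an image."""
    reasons = []
    if EXEC_EXT.search(name):
        reasons.append("executable extension")
    if PHP_TAG.search(data):
        reasons.append("php tag in content")
    is_image = (data.startswith(b"\x89PNG\r\n\x1a\n") or data.startswith(b"\xff\xd8\xff")
                or data.startswith(b"GIF87a") or data.startswith(b"GIF89a"))
    if not is_image:
        reasons.append("not a recognised image header")
    return reasons


if __name__ == "__main__":
    for a in find_upload_alerts(SAMPLE_ACCESS_LOG):
        print(a)
    print(check_uploaded_file("photo.jpg", b"\xff\xd8\xff\xe0JFIF<?php echo 1; ?>"))
```

Run against real logs by replacing `SAMPLE_ACCESS_LOG` with the file contents, and walk the application's upload directory calling `check_uploaded_file` on each file. A file that passes the image-header check but still contains a PHP open tag is the polyglot case worth escalating, since some server configurations will execute it if the extension is wrong.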
🛡️ Detection Rules
CVE-2026-6602 - Unrestricted File Upload via ad_dpic parameter
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-6602 | Unrestricted Upload | rickxy Hospital Management System up to commit 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4 |
| CVE-2026-6602 | Unrestricted Upload | Vulnerable file: /backend/admin/his_admin_account.php |
| CVE-2026-6602 | Unrestricted Upload | Vulnerable argument: ad_dpic |
Source & Attribution
| Field | Value |
|---|---|
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | April 20, 2026 at 07:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.