CVE-2022-2647

Published: Aug 4, 2022Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

A vulnerability was found in jeecg-boot. It has been declared as critical. This vulnerability affects unknown code of the file /api/. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-205594 is the identifier assigned to this vulnerability.

Affected (1)

Products: Jeecg: Jeecg Boot

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Jeecg Jeecg Boot	All versions

Related CWEs

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (4)

https://vuldb.com/?id.205594

Source: cna@vuldb.com

Permissions RequiredThird Party AdvisoryVDB Entry

https://www.cnblogs.com/J0o1ey/p/16550583.html

Source: cna@vuldb.com

Permissions Required

https://vuldb.com/?id.205594

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party AdvisoryVDB Entry

https://www.cnblogs.com/J0o1ey/p/16550583.html

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

Timeline

No history available yet.