Zhisheng17 Blog Authentication Bypass Vulnerability

Vulnerability

An authentication bypass vulnerability has been identified in Zhisheng17 Blog version 3.0.1-SNAPSHOT. This vulnerability allows attackers to access the '/admin/' API without a token. The issue arises in the 'BaseInterceptor' class, specifically within the 'preHandle' method, where the request URI is not properly validated. Attackers can exploit this by manipulating the URI to bypass authentication and access restricted resources.

Impact

Exploitation of this vulnerability allows for unauthorized access to admin APIs, potentially leading to unauthorized actions such as deleting comments.

Reproduction

To reproduce this vulnerability, send a request to the '/admin/comments/delete' endpoint without an authentication token. The server will respond with a redirect to the login page. However, if the request URI is modified to include '../' to bypass the interceptor's checks, access to the endpoint will be granted, allowing for the deletion of comments.
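The weakness described above is a prefix check performed on a request URI that still contains unresolved dot-segments. The Java below is an added illustration, not code from the Zhisheng17 Blog project: it places the weak raw-prefix test beside a hardened variant that decodes the path once, resolves '.' and '..' segments, fails closed on anything it cannot canonicalise, and only then tests for the '/admin/' prefix. The class and method names (AdminPathCheck, isAdminRaw, isAdminCanonical, canonicalPath) and the sample URIs are assumptions constructed for the example.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayDeque;
import java.util.Deque;

/**
 * Added illustration (not the project's BaseInterceptor): the canonicalisation
 * that a preHandle-style check must perform before deciding whether a request
 * targets the protected '/admin/' area.
 */
public class AdminPathCheck {

    private static final String ADMIN_PREFIX = "/admin/";

    /** Weak pattern: prefix test on the raw request URI. Dot-segments are never
     *  resolved, so a URI that the servlet container maps to an admin handler
     *  can still fail this test and skip the token check. */
    static boolean isAdminRaw(String rawUri) {
        return rawUri.startsWith(ADMIN_PREFIX);
    }

    /** Hardened: decide on the canonical path. A null (uncanonicalisable) path
     *  is treated as protected, so the caller fails closed and demands a token. */
    static boolean isAdminCanonical(String rawUri) {
        String path = canonicalPath(rawUri);
        return path == null || path.startsWith(ADMIN_PREFIX) || path.equals("/admin");
    }

    /** Strip the query, percent-decode once, resolve dot-segments. Returns null
     *  for malformed escapes, double encoding, or a path that climbs above root. */
    static String canonicalPath(String rawUri) {
        int q = rawUri.indexOf('?');
        String path = q >= 0 ? rawUri.substring(0, q) : rawUri;
        String decoded;
        try {
            // Assumption: a single decode is the container's behaviour. Note that
            // URLDecoder also maps '+' to a space, which is harmless for this prefix test.
            decoded = URLDecoder.decode(path, StandardCharsets.UTF_8);
        } catch (IllegalArgumentException e) {
            return null; // malformed percent-escape
        }
        if (decoded.indexOf('%') >= 0) return null; // double-encoded: fail closed
        Deque<String> segs = new ArrayDeque<>();
        for (String s : decoded.split("/")) {
            if (s.isEmpty() || s.equals(".")) continue;
            if (s.equals("..")) {
                if (segs.isEmpty()) return null; // would climb above the root
                segs.removeLast();
                continue;
            }
            segs.addLast(s);
        }
        String out = "/" + String.join("/", segs);
        // keep a trailing slash so "/admin/" itself still matches the prefix
        if (decoded.endsWith("/") && !out.endsWith("/")) out += "/";
        return out;
    }

    public static void main(String[] args) {
        // Constructed sample URIs (not taken from the advisory): a plain admin
        // path, one carrying a '..' segment that resolves to the same handler,
        // and a public path that a raw prefix test would wrongly treat as admin.
        String[] samples = {
            "/admin/comments/delete",
            "/public/../admin/comments/delete",
            "/admin/../blog/index",
        };
        for (String u : samples) {
            System.out.printf("%-36s raw=%-5b canonical=%-5b -> %s%n",
                    u, isAdminRaw(u), isAdminCanonical(u), canonicalPath(u));
        }
    }
}
```

Inside an interceptor, the decision would be taken on canonicalPath(request.getRequestURI()) rather than on the raw URI, with a null result handled as a rejected request. A second line of defence is to base the check on the path the framework's handler mapping actually resolved, so that the authorisation decision and the routing decision can never disagree.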

Added: Aug 22, 2025, 5:50 PM
Updated: Aug 22, 2025, 6:47 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 7.6
remediation: 0.0
relevance: 0.4
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.