Primary

Context

Guangzhou Huayi Intelligent Technology Jeewms Path Traversal Vulnerability

Vulnerability

A critical path traversal vulnerability has been identified in Guangzhou Huayi Intelligent Technology Jeewms versions through 20241229. The issue arises in the file /wmOmNoticeHController.do, where improper handling of external input allows attackers to traverse directories and access files outside of the intended directory. This vulnerability can be exploited remotely without authentication, potentially leading to unauthorized access to sensitive files.

Impact

Exploitation of this vulnerability could result in unauthorized access to files outside the restricted directory, potentially compromising sensitive information.

Remediation

Users are advised to upgrade to Jeewms version 20250101 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

8.7

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

8.7

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Guangzhou Huayi Intelligent Technology Jeewms Path Traversal Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating