jishenghua jshERP Path Traversal Vulnerability in SystemConfigController Export Function

Vulnerability

A critical path traversal vulnerability has been identified in jshERP versions through 3.5. The issue arises in the 'exportExcelByParam' function within 'SystemConfigController.java', where the 'title' parameter is used without validation, allowing attackers to traverse directories. This vulnerability can be exploited remotely, and a public exploit is available.

Impact

Exploitation of this vulnerability allows for arbitrary file creation or overwriting of existing files in targeted directories.

Reproduction

To reproduce this vulnerability, send a request to the '/systemConfig/exportExcelByParam' endpoint with a crafted 'title' parameter that includes path traversal sequences. This will exploit the lack of validation on the parameter, leading to unauthorized file access or modification.
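The defensive fix for this class of bug is to treat the user-supplied title as an untrusted file name: allow only a strict character set, resolve the result against a fixed export directory, and confirm that the normalized path still lies directly inside that directory. The following is an added illustration of that pattern, not jshERP's own code; the export directory, the '.xls' extension and the class and method names are assumptions made for the example.

```java
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.regex.Pattern;

/**
 * Hypothetical hardening for an Excel-export endpoint that derives the output
 * file name from a request parameter (not jshERP's own code).
 */
public final class SafeExportPath {

    // Allowlist: ASCII letters, digits, underscore, hyphen and CJK ideographs,
    // 1-64 characters. Path separators, dots and NUL are therefore impossible.
    private static final Pattern SAFE_TITLE =
            Pattern.compile("^[A-Za-z0-9_\\-\\u4e00-\\u9fa5]{1,64}$");

    private SafeExportPath() {}

    /**
     * Returns the absolute file path for an export titled {@code title}, or
     * throws if the title is not acceptable or would leave {@code exportDir}.
     */
    public static Path resolveExportFile(Path exportDir, String title) {
        if (title == null || !SAFE_TITLE.matcher(title).matches()) {
            throw new IllegalArgumentException("invalid export title");
        }
        Path base = exportDir.toAbsolutePath().normalize();
        // Fixed extension appended server-side; the client never controls it.
        Path target = base.resolve(title + ".xls").normalize();
        // Defence in depth: even if the allowlist were loosened later, the
        // resolved file must be an immediate child of the export directory.
        if (!target.startsWith(base) || !base.equals(target.getParent())) {
            throw new IllegalArgumentException("export path escapes export directory");
        }
        return target;
    }

    public static void main(String[] args) {
        Path dir = Paths.get("/var/lib/erp-export"); // assumed export directory
        // Constructed sample titles: one benign, the rest malformed or traversing.
        String[] samples = {
            "inventory_2025",
            "../../outside",
            "sub/../../outside",
            "report.xls",
            ""
        };
        for (String s : samples) {
            try {
                System.out.println("\"" + s + "\" -> " + resolveExportFile(dir, s));
            } catch (IllegalArgumentException e) {
                System.out.println("\"" + s + "\" -> rejected: " + e.getMessage());
            }
        }
    }
}
```

Only the first sample resolves; every title containing a separator, a dot or nothing at all is rejected before any file is opened. In a Spring controller the returned path is what would be handed to the workbook writer, and the IllegalArgumentException would be mapped to a 400 response rather than reaching the filesystem layer.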

Added: Jul 14, 2025, 4:42 AM
Updated: Jul 14, 2025, 4:42 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 6.6
remediation: 0.0
relevance: 0.2
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.