Yeqifu Warehouse Improper Authorization Vulnerability in Notice Management Component
Vulnerability
A vulnerability exists in Yeqifu Warehouse versions up to commit aaf29962ba407d22d991781de28796ee7b4670e4. The issue is located in the Notice Management component, specifically within the NoticeController.java file. The vulnerability arises from a lack of proper authorization checks in the addNotice, updateNotice, deleteNotice, and batchDeleteNotice functions. This flaw allows any logged-in user to create, update, or delete notices, potentially leading to the spread of misinformation, the concealment of important announcements, or disruptions in internal communication. The vulnerability can be exploited remotely, and a public exploit is available.
Impact
Exploitation of this vulnerability lets any authenticated user bypass access controls and manipulate system notices without the permissions that should be required. This could lead to unauthorized changes in the notice management system, such as deleting important announcements or spreading false information.
Reproduction
To reproduce this vulnerability, log in as a user with low privileges. Then, send a request to the deleteNotice endpoint, including the ID of the notice to be deleted. The absence of authorization checks will allow the request to be processed successfully, deleting the specified notice.
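The missing check described above, as an added example that is not code from the Yeqifu Warehouse project: a constructed model of the notice write handlers showing the authentication-only shape beside a version that also enforces an explicit permission on add, update, delete and batchDelete. The principal type, the "notice:manage" permission name and the in-memory notice store are assumptions, not the project's own.

```java
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;

// Constructed model of the Notice Management write paths; it does not
// reproduce NoticeController.java's real signatures, and the permission
// name below is an assumed placeholder.
public class NoticeAuthorizationExample {
    // Hypothetical session principal: authenticated user plus granted permissions.
    record Principal(String username, Set<String> permissions) {}

    // Assumed placeholder for the permission that should gate notice writes.
    static final String NOTICE_MANAGE = "notice:manage";

    // Constructed in-memory notice store standing in for the database.
    static final Map<Long, String> NOTICES = new HashMap<>(Map.of(
            1L, "Inventory count on Friday", 2L, "Loading dock closed"));

    // Vulnerable shape: being logged in is the only requirement, so any
    // authenticated user can delete any notice.
    static boolean deleteNoticeUnchecked(Principal user, long id) {
        if (user == null) return false;      // authentication only
        return NOTICES.remove(id) != null;
    }

    // Hardened shape: authentication AND an explicit authorization check,
    // applied identically to add, update, delete and batchDelete.
    static void requireNoticeManager(Principal user) {
        if (user == null) throw new SecurityException("not authenticated");
        if (!user.permissions().contains(NOTICE_MANAGE))
            throw new SecurityException("forbidden for " + user.username());
    }

    static boolean deleteNotice(Principal user, long id) {
        requireNoticeManager(user);
        return NOTICES.remove(id) != null;
    }

    static int batchDeleteNotice(Principal user, List<Long> ids) {
        requireNoticeManager(user);          // checked before any row is touched
        int removed = 0;
        for (long id : ids) if (NOTICES.remove(id) != null) removed++;
        return removed;
    }

    public static void main(String[] args) {
        Principal clerk = new Principal("clerk", Set.of());
        Principal admin = new Principal("admin", Set.of(NOTICE_MANAGE));
        System.out.println(deleteNoticeUnchecked(clerk, 1L)); // true: the flaw
        try { deleteNotice(clerk, 2L); }
        catch (SecurityException e) { System.out.println(e.getMessage()); }
        System.out.println(batchDeleteNotice(admin, List.of(2L, 99L))); // 1
    }
}
```

The same guard belongs in front of addNotice and updateNotice; a check that runs only on the delete path leaves the other three write operations open.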
