CVE-2024-43028

Critical CVSS: 9.8

A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code via a crafted HTTP request.

Vendor

Jeecg

Product

Jeecg Boot

CWE

CWE-77

Yayın Tarihi

2026-04-01 17:16:57

Güncelleme

2026-04-06 15:34:18

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-77 Jeecg Boot CRITICAL Jeecg 2026

Referanslar

https://gist.github.com/aqyoung/e3b7ba5d8b8261df7d09931dbe779b3b https://pan.baidu.com/s/1h2RGEvxuvsKtsn2-TlFlmA?pwd=gf5r

Benzer Kayıtlar

Critical

CVE-2024-40489

There is an injection vulnerability in jeecg boot versions 3.0.0 to 3.5.3 due to lax character filtering, which allows a…

Medium

CVE-2026-2945

A weakness has been identified in JeecgBoot 3.9.0. Affected by this vulnerability is an unknown functionality of the fil…

Medium

CVE-2026-2822

A security vulnerability has been detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the…

Low

CVE-2026-2555

A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDocumentFromZip of the…

Medium

CVE-2026-2111

A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this issue is some unknown functionality of the fil…

Medium

CVE-2026-1746

A vulnerability was identified in JeecgBoot 3.9.0. This vulnerability affects unknown code of the file /JeecgBoot/sys/ap…