CVE-2022-2647

Summary

A vulnerability was found in jeecg-boot. It has been declared as critical. This vulnerability affects unknown code of the file /api/. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-205594 is the identifier assigned to this vulnerability.

Affected Software

VendorProductVersion RangeStatus
unspecifiedjeecg-bootn/aaffected

Weaknesses

  • CWE-434: CWE-434 Unrestricted Upload

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References