cbcvebase.
CVE-2022-32430
published 2022-07-21

CVE-2022-32430: An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application.

Priority: P3 53 · Severity: high · CVSS 3.1 base score: 7.5
CVSS 3.1 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploit: flagged
EPSS: 3.63% (percentile 88.1)
Affected: 1 range

Vendor / Product / Version range / Fixed in
talelin / lin-cms-spring-boot / (not stated) / (not stated)

Detection & IOCs (extracted from sources)

URL: /cms/admin/group/all
  • Detect exploitation attempts by monitoring GET requests to /cms/admin/group/all that carry a hardcoded default JWT Bearer token in the Authorization header and return HTTP 200 with a JSON body containing the fields 'id', 'name', and 'level'.
  • Fingerprint exposed Lin CMS Spring Boot instances via Shodan/FOFA using the application's distinctive Chinese-language HTML body string.
  • The hardcoded default JWT token has a fixed expiry (exp: 1753193479); defenders should monitor for this exact token value regardless of expiry, since attackers may forge new tokens using the same leaked secret key.
  • The vulnerability is confirmed only against Lin CMS Spring Boot v0.2.1; other versions are not confirmed affected.