CVE-2023-33510
Published 2023-06-07
CVE-2023-33510: Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.
Priority: P2 · Severity: high (7.5, CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N
ITW exploit · VulnCheck KEV
Exploited in the wild
EPSS: 4.04% (89.3th percentile)
Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jeecg_p3_biz_chat_project | jeecg_p3_biz_chat | — | — |
Detection & IOCs (extracted from sources)
- Send a GET request to the vulnerable endpoint with a path traversal payload in the `dbPath` parameter targeting /etc/passwd; a successful LFI response will contain the regex pattern `root:.*:0:0:` in the response body with HTTP 200.
- Identify exposed Jeecg P3 Biz Chat instances using Shodan favicon hash 1380908726 or FOFA icon_hash=1380908726.
- The vulnerability is exploitable without authentication (PR:N, UI:N) via a simple GET request, making it trivially exploitable at scale.
- The affected version is specifically Jeecg P3 Biz Chat 1.0.5 deployed as a WordPress plugin; detections should be scoped to this framework context.
- EPSS score of 0.74037 (98.834th percentile) indicates very high probability of exploitation in the wild; prioritize detection and patching accordingly.
CVSS provenance
nvd · v3.1 · 7.5 HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
vulncheck · 7.5 HIGH
OSV
Jeecg P3 Biz Chat allows remote attackers to read arbitrary files
osv·2023-06-07
CVE-2023-33510 [HIGH] Jeecg P3 Biz Chat allows remote attackers to read arbitrary files
Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.
GHSA
Jeecg P3 Biz Chat allows remote attackers to read arbitrary files
ghsa·2023-06-07
CVE-2023-33510 [HIGH] CWE-668 Jeecg P3 Biz Chat allows remote attackers to read arbitrary files
Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.
VulnCheck
jeecg_p3_biz_chat_project jeecg_p3_biz_chat Exposure of Resource to Wrong Sphere
vulncheck·2023·CVSS 7.5
CVE-2023-33510 [HIGH] jeecg_p3_biz_chat_project jeecg_p3_biz_chat Exposure of Resource to Wrong Sphere
Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.
Affected: jeecg_p3_biz_chat_project jeecg_p3_biz_chat
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://media.defense.gov/2024/Sep/18/2003547016/-1/-1/0/CSA-PRC-LINKED-ACTORS-BOTNET.PDF
Detection rules: none found.
Nuclei
Jeecg P3 Biz Chat - Local File Inclusion
nuclei·CVSS 7.5
CVE-2023-33510 [HIGH] Jeecg P3 Biz Chat - Local File Inclusion
Jeecg P3 Biz Chat - Local File Inclusion
Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.
Template:

```yaml
id: CVE-2023-33510

info:
  name: Jeecg P3 Biz Chat - Local File Inclusion
  author: DhiyaneshDK
  severity: high
  description: |
    Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files, remote code execution, and potential compromise of the entire system.
  remediation: |
    Apply the latest patch or update provided by the vendor to fix the LFI vulnerability in Jeecg P3 Biz Chat.
  reference:
    - https://twitter.com/momika233/status/1670701256535572481
    - https://carl1l.github.io/2023/05/08/jeecg-p3-biz-
```