CVE-2023-33510
published 2023-06-07

CVE-2023-33510: Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.

Priority: P2 (75), high, 7.5 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N
Flags: ITW, EXPLOIT, VulnCheck KEV
Exploited in the wild
EPSS: 4.04% (89.3rd percentile)

Affected

1 range

Vendor                      Product            Version range   Fixed in
jeecg_p3_biz_chat_project   jeecg_p3_biz_chat  -               -

Detection & IOCs (extracted from sources)

url:   /chat/imController/showOrDownByurl.do?dbPath=../../../../../../etc/passwd
other: http.favicon.hash:1380908726
other: icon_hash=1380908726
  • Send a GET request to the vulnerable endpoint with a path traversal payload in the `dbPath` parameter targeting /etc/passwd; a successful LFI response will contain the regex pattern `root:.*:0:0:` in the response body with HTTP 200.
  • Identify exposed Jeecg P3 Biz Chat instances using Shodan favicon hash 1380908726 or FOFA icon_hash=1380908726.
  • The vulnerability is exploitable without authentication (PR:N, UI:N) via a simple GET request, making it trivially exploitable at scale.
  • The affected version is specifically Jeecg P3 Biz Chat 1.0.5 deployed as a WordPress plugin; detections should be scoped to this framework context.
  • EPSS score of 0.74037 (98.834th percentile) indicates a very high probability of exploitation in the wild; prioritize detection and patching accordingly.

CVSS provenance

nvd:       v3.1  7.5  HIGH  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
vulncheck:       7.5  HIGH