cnvd - cnvd-2025-23073

CNVD-2025-23073

Vulnerability from cnvd - Published: 2025-09-28

Title

JeecgBoot授权问题漏洞（CNVD-2025-23073）

Description

JeecgBoot是北京国炬信息技术有限公司的一款基于代码生成器的开源低代码开发平台。 JeecgBoot 3.8.2及之前版本存在安全漏洞，该漏洞源于/sys/tenant/deleteBatch文件中对ids参数的操作存在授权不当问题。攻击者可利用该漏洞通过远程方式实现越权操作。

Severity

低

Patch Name

JeecgBoot授权问题漏洞（CNVD-2025-23073）的补丁

Patch Description

JeecgBoot是北京国炬信息技术有限公司的一款基于代码生成器的开源低代码开发平台。 JeecgBoot 3.8.2及之前版本存在安全漏洞，该漏洞源于/sys/tenant/deleteBatch文件中对ids参数的操作存在授权不当问题。攻击者可利用该漏洞通过远程方式实现越权操作。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： https://vuldb.com/?id.325848

Reference

https://vuldb.com/?id.325848 https://vuldb.com/?ctiid.325848 https://vuldb.com/?submit.653335 https://www.cnblogs.com/aibot/p/19063351

Impacted products

Name
北京国炬信息技术有限公司 JeecgBoot <=3.8.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-10977",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-10977"
    }
  },
  "description": "JeecgBoot\u662f\u5317\u4eac\u56fd\u70ac\u4fe1\u606f\u6280\u672f\u6709\u9650\u516c\u53f8\u7684\u4e00\u6b3e\u57fa\u4e8e\u4ee3\u7801\u751f\u6210\u5668\u7684\u5f00\u6e90\u4f4e\u4ee3\u7801\u5f00\u53d1\u5e73\u53f0\u3002\n\nJeecgBoot 3.8.2\u53ca\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e/sys/tenant/deleteBatch\u6587\u4ef6\u4e2d\u5bf9ids\u53c2\u6570\u7684\u64cd\u4f5c\u5b58\u5728\u6388\u6743\u4e0d\u5f53\u95ee\u9898\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u8fdc\u7a0b\u65b9\u5f0f\u5b9e\u73b0\u8d8a\u6743\u64cd\u4f5c\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttps://vuldb.com/?id.325848",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-23073",
  "openTime": "2025-09-28",
  "patchDescription": "JeecgBoot\u662f\u5317\u4eac\u56fd\u70ac\u4fe1\u606f\u6280\u672f\u6709\u9650\u516c\u53f8\u7684\u4e00\u6b3e\u57fa\u4e8e\u4ee3\u7801\u751f\u6210\u5668\u7684\u5f00\u6e90\u4f4e\u4ee3\u7801\u5f00\u53d1\u5e73\u53f0\u3002\r\n\r\nJeecgBoot 3.8.2\u53ca\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e/sys/tenant/deleteBatch\u6587\u4ef6\u4e2d\u5bf9ids\u53c2\u6570\u7684\u64cd\u4f5c\u5b58\u5728\u6388\u6743\u4e0d\u5f53\u95ee\u9898\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u8fdc\u7a0b\u65b9\u5f0f\u5b9e\u73b0\u8d8a\u6743\u64cd\u4f5c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "JeecgBoot\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2025-23073\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "\u5317\u4eac\u56fd\u70ac\u4fe1\u606f\u6280\u672f\u6709\u9650\u516c\u53f8 JeecgBoot \u003c=3.8.2"
  },
  "referenceLink": "https://vuldb.com/?id.325848\r\nhttps://vuldb.com/?ctiid.325848\r\nhttps://vuldb.com/?submit.653335\r\nhttps://www.cnblogs.com/aibot/p/19063351",
  "serverity": "\u4f4e",
  "submitTime": "2025-09-28",
  "title": "JeecgBoot\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2025-23073\uff09"
}

CVE-2025-10977 (GCVE-0-2025-10977)

Vulnerability from cvelistv5 – Published: 2025-09-25 22:32 – Updated: 2025-09-26 15:38

Title

JeecgBoot deleteBatch improper authorization

Summary

A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity ?

2.3 (Low)


                        
                          CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R

3.1 (Low)


                        
                          CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R

CWE

CWE-285 - Improper Authorization
CWE-266 - Incorrect Privilege Assignment

Assigner

VulDB

References

URL

Tags

	https://vuldb.com/?id.325848	vdb-entrytechnical-description
	https://vuldb.com/?ctiid.325848	signaturepermissions-required
	https://vuldb.com/?submit.653335	third-party-advisory
	https://www.cnblogs.com/aibot/p/19063351	exploit

Impacted products

	Vendor	Product	Version
	n/a	JeecgBoot	Affected: 3.8.0 Affected: 3.8.1 Affected: 3.8.2

Credits

lucasg2g (VulDB User)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10977",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-26T15:36:42.990760Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-26T15:38:18.442Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "JeecgBoot",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "3.8.0"
            },
            {
              "status": "affected",
              "version": "3.8.1"
            },
            {
              "status": "affected",
              "version": "3.8.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "lucasg2g (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."
        },
        {
          "lang": "de",
          "value": "Eine Schwachstelle wurde in JeecgBoot up to 3.8.2 gefunden. Es geht dabei um eine nicht klar definierte Funktion der Datei /sys/tenant/deleteBatch. Die Ver\u00e4nderung des Parameters ids resultiert in improper authorization. Der Angriff kann \u00fcber das Netzwerk passieren. Das Durchf\u00fchren eines Angriffs ist mit einer relativ hohen Komplexit\u00e4t verbunden. Die Ausnutzung wird als schwierig beschrieben. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.1,
            "vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-285",
              "description": "Improper Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-266",
              "description": "Incorrect Privilege Assignment",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-25T22:32:08.286Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-325848 | JeecgBoot deleteBatch improper authorization",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.325848"
        },
        {
          "name": "VDB-325848 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.325848"
        },
        {
          "name": "Submit #653335 | jeecgboot  JeecgBoot 3.8.2 broken function level authorization",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.653335"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://www.cnblogs.com/aibot/p/19063351"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-09-25T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-09-25T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-09-25T16:26:14.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "JeecgBoot deleteBatch improper authorization"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-10977",
    "datePublished": "2025-09-25T22:32:08.286Z",
    "dateReserved": "2025-09-25T14:20:56.882Z",
    "dateUpdated": "2025-09-26T15:38:18.442Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2025-23073

CVE-2025-10977 (GCVE-0-2025-10977)

Tags

Sightings

Nomenclature