PT-2026-22536 · Thinkgem · Jeesite
Saul1213
+1
·
Publicado
2026-03-02
·
Atualizado
2026-03-03
·
CVE-2026-3405
CVSS v3.1
8.1
Alta
| Vetor | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
thinkgem JeeSite versions up to 5.15.1
Description
A path traversal issue exists in thinkgem JeeSite, specifically within the Connection Handler component. The issue allows for remote attacks with high complexity, though exploitability is considered difficult. The exploit details have been publicly disclosed. The vendor was informed of the issue but did not respond.
Recommendations
Update thinkgem JeeSite to a version beyond 5.15.1.
Exploit
Correção
Path traversal
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Jeesite