PT-2026-22536 · Thinkgem · Jeesite
Saul1213
+1
·
Published
2026-03-02
·
Updated
2026-03-03
·
CVE-2026-3405
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
thinkgem JeeSite versions up to 5.15.1
Description
A path traversal issue exists in thinkgem JeeSite, specifically within the Connection Handler component. The issue allows for remote attacks with high complexity, though exploitability is considered difficult. The exploit details have been publicly disclosed. The vendor was informed of the issue but did not respond.
Recommendations
Update thinkgem JeeSite to a version beyond 5.15.1.
Exploit
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jeesite