Vulnerability Description
A vulnerability, which was classified as critical, has been found in JeeWMS up to 20250504. Affected by this issue is the function dogenerateOne2Many of the file /generateController.do?dogenerateOne2Many of the component File Handler. The manipulation leads to improper access controls. The attack may be launched remotely. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huayi-Tec | Jeewms | <= 2025-05-04 |
Related Weaknesses (CWE)
References
- https://gitee.com/erzhongxmu/JEEWMS/issues/IC5FNVIssue Tracking
- https://vuldb.com/?ctiid.310682Permissions RequiredVDB Entry
- https://vuldb.com/?id.310682Third Party AdvisoryVDB Entry
FAQ
What is CVE-2025-5389?
CVE-2025-5389 is a vulnerability with a CVSS score of 6.3 (MEDIUM). A vulnerability, which was classified as critical, has been found in JeeWMS up to 20250504. Affected by this issue is the function dogenerateOne2Many of the file /generateController.do?dogenerateOne2M...
How severe is CVE-2025-5389?
CVE-2025-5389 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-5389?
Check the references section above for vendor advisories and patch information. Affected products include: Huayi-Tec Jeewms.