Vulnerabilities > CVE-2024-11961 - Unspecified vulnerability in Huayi-Tec Jeewms 3.7

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

huayi-tec

NVD

Published: 2024-11-28

Updated: 2024-12-11

Summary

A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms 3.7. It has been rated as problematic. This issue affects the function preHandle of the file src/main/java/com/zzjee/wm/controller/WmOmNoticeHController.java. The manipulation of the argument request leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerable Configurations

Part	Description	Count
Application	Huayi-Tec Huayi TEC Jeewms 3.7	1

References

https://github.com/dycccccccc/JEEWMS/blob/main/JEEWMS%20Shipper%20Information%20Leakage.docx
https://vuldb.com/?ctiid.286343
https://vuldb.com/?id.286343
https://vuldb.com/?submit.445596