Platform: java
Component: jsherp
Fixed in: 3.0.1, 3.1.1, 3.2.1, 3.3.1, 3.4.1, 3.5.1, 3.6.1
CVE-2026-1588 is a Path Traversal vulnerability affecting jshERP versions 3.0 through 3.6. This flaw allows attackers to potentially access unauthorized files and directories within the system. The vulnerability resides in the install function of the com.gitee.starblues.integration.operator.DefaultPluginOperator component, specifically within the /jshERP-boot/plugin/installByPath file. A public proof-of-concept exists, and the project has not yet responded to the reported issue.
The primary impact of CVE-2026-1588 is unauthorized access to files and directories on the server hosting jshERP. An attacker could leverage this vulnerability to read sensitive configuration files, source code, or other data that could be used to further compromise the system. While the CVSS score is LOW (2.7), the public availability of a proof-of-concept significantly increases the risk of exploitation. Successful exploitation could lead to data breaches, system disruption, and potential lateral movement within the network if the compromised files contain credentials or other sensitive information.
CVE-2026-1588 has been publicly disclosed and a proof-of-concept is available, indicating a higher probability of exploitation. It is not currently listed on CISA KEV. The vulnerability's simplicity and the availability of a PoC suggest that attackers may actively target systems running vulnerable versions of jshERP. The lack of a response from the project increases the urgency of implementing mitigation measures.
Organizations utilizing jshERP for their ERP needs, particularly those running versions 3.0 through 3.6, are at risk. Shared hosting environments where multiple users share the same server instance are especially vulnerable, as a compromise of one user's jshERP installation could potentially expose data for other users on the same server.
• linux / server: Monitor access logs for requests containing directory traversal sequences (e.g., ../). Use journalctl to filter for errors related to file access attempts.
journalctl -u jshERP -g 'path traversal'
• generic web: Use curl to test for path traversal vulnerabilities by appending directory traversal sequences to the vulnerable endpoint.
curl 'http://<jshERP_server>/jshERP-boot/plugin/installByPath?path=../../../../etc/passwd'
Exploit status:
EPSS: 0.07% (22nd percentile)
CISA SSVC:
CVSS vector:
Due to the lack of a provided fix, immediate mitigation strategies are crucial. Implement strict access controls to limit the potential damage from unauthorized file access. Consider using a Web Application Firewall (WAF) to filter requests and block attempts to exploit the path traversal vulnerability. Monitor system logs for suspicious activity, particularly requests containing directory traversal sequences (e.g., ../). While a direct patch is unavailable, regularly review and harden the jshERP configuration to minimize the attack surface. Verification after implementing these measures should involve attempting to access restricted files via the vulnerable endpoint and confirming access is denied.
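The log monitoring recommended above (both in the detection bullets and in the mitigation paragraph) can be scripted. The following is an added example, not code from the advisory or from the jshERP project: it scans combined-format access-log lines for requests to the /jshERP-boot/plugin/installByPath endpoint whose query values contain a '..' path segment, percent-decoding repeatedly so that double-encoded sequences are not missed. The endpoint is the one named on this page; the log lines, client addresses and the `path` query parameter name are constructed assumptions.

```python
import re
from urllib.parse import unquote, urlsplit, parse_qs

# Endpoint named in the advisory; everything else here is constructed sample data.
VULN_PATH = "/jshERP-boot/plugin/installByPath"
TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")  # a '..' path segment, '/' or '\' separated
# Minimal Apache/Nginx combined-log parser: client, method, request target, status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

def decode_fully(value, rounds=3):
    """Percent-decode repeatedly so double-encoded %252e%252e still becomes '..'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal_attempt(request_target):
    """True if the target is installByPath and any query value holds a '..' segment."""
    parts = urlsplit(request_target)
    if decode_fully(parts.path) != VULN_PATH:
        return False
    for values in parse_qs(parts.query, keep_blank_values=True).values():
        if any(TRAVERSAL.search(decode_fully(v)) for v in values):
            return True
    return False

def scan_log(lines):
    """Return (client, status, target) for every flagged request; unparseable lines are skipped."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_traversal_attempt(m.group(3)):
            hits.append((m.group(1), int(m.group(4)), m.group(3)))
    return hits

# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Mar/2026:10:00:01 +0000] "GET /jshERP-boot/plugin/installByPath?path=../../../../etc/passwd HTTP/1.1" 200 512',
    '203.0.113.5 - - [01/Mar/2026:10:00:02 +0000] "GET /jshERP-boot/plugin/installByPath?path=%252e%252e%252f%252e%252e%252fetc%252fshadow HTTP/1.1" 403 0',
    '198.51.100.9 - - [01/Mar/2026:10:00:03 +0000] "GET /jshERP-boot/plugin/installByPath?path=plugins/report.jar HTTP/1.1" 200 88',
    '198.51.100.9 - - [01/Mar/2026:10:00:04 +0000] "GET /jshERP-boot/user/info?name=..test HTTP/1.1" 200 120',
]

if __name__ == "__main__":
    for client, status, target in scan_log(SAMPLE_LOG):
        print(f"{client} status={status} {target}")  # a 200 means the request was served
```

A flagged request that received a 2xx status is the one to investigate first, since a 403 indicates a WAF or access control already blocked it.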
Update jshERP to a version later than 3.6 that fixes the path traversal vulnerability. If no such version is available, it is recommended to contact the vendor to obtain a patch or a workaround.
CVE-2026-1588 is a Path Traversal vulnerability in jshERP versions 3.0–3.6, allowing attackers to potentially access unauthorized files via the install function.
You are affected if you are running jshERP versions 3.0 through 3.6 and have not implemented mitigating controls.
A patch is not currently available. Implement WAF rules, access controls, and monitor logs as immediate mitigations.
A public proof-of-concept exists, suggesting a potential for active exploitation.
The project has not yet responded to the reported issue. Monitor the jshERP project's website and GitHub repository for updates.