CVE-2023-33510
HIGH EXPLOITED IN THE WILD NUCLEIJeecg P3 Biz Chat <1.0.5 - Info Disclosure
Title source: llmExploitation Summary
CVE-2023-33510 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). A Nuclei detection template is also available.
Description
Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.
Nuclei Templates (1)
Jeecg P3 Biz Chat - Local File Inclusion
HIGHVERIFIEDby DhiyaneshDK
Shodan:
http.favicon.hash:1380908726
FOFA:
icon_hash=1380908726
References (1)
Core 1
Core References
Exploit, Third Party Advisory
https://carl1l.github.io/2023/05/08/jeecg-p3-biz-chat-1-0-5-jar-has-arbitrary-file-read-vulnerability/
Scores
CVSS v3
7.5
EPSS
0.0404
EPSS Percentile
89.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
VulnCheck KEV
2024-09-18
InTheWild.io
2024-09-18
CWE
CWE-22
CWE-668
Status
published
Products (2)
jeecg_p3_biz_chat_project/jeecg_p3_biz_chat
1.0.5
org.jeecgframework.p3/jeecg-p3-biz-chat
0Maven
Published
Jun 07, 2023
Tracked Since
Feb 18, 2026