CVE-2025-10090

Severity: HIGH · Exploited in the wild · Nuclei template available

Jinher OA < 1.2 - SQL Injection via ID Parameter in GetTreeDate.aspx

Title source: LLM-generated

Exploitation Summary

CVE-2025-10090 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including iSee857. A Nuclei detection template is also available.

AI-analyzed exploit summary: The repository contains a functional exploit PoC for CVE-2026-22812, targeting OpenCode for remote command execution (RCE). The script sends a crafted JSON payload to the '/session' endpoint to obtain a session ID, then executes the 'id' command via the '/session/{id}/shell' endpoint, verifying RCE by checking for 'uid=' and 'gid=' in the response.

Description

A flaw has been found in Jinher OA up to version 1.2. The affected component is an unknown function of the file /C6/Jhsoft.Web.departments/GetTreeDate.aspx. Manipulating the argument ID can lead to SQL injection. The attack may be launched remotely. The exploit has been published and may be used.

Exploits (1)

Source: GitHub · Working PoC · 40 stars
Author: iSee857 · Python PoC
https://github.com/iSee857/CVE-PoC/tree/main/JinherOA-CVE-2025-10090-sqlInjection.py


Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: OpenCode (version not specified)
Authentication: none needed
Prerequisites: Network access to the target · OpenCode service running and accessible
Analyzed by devstral-2 on Feb 27, 2026

Nuclei Templates (1)

Jinher OA - SQL Injection
Severity: HIGH · Verified · by DhiyaneshDk
FOFA: app="金和网络-金和OA"||body="/jc6/platform/sys/login"

References (4)

Core References
Third Party Advisory, VDB Entry (technical description): https://vuldb.com/?id.323045
Permissions Required, VDB Entry (signature): https://vuldb.com/?ctiid.323045
Third Party Advisory, VDB Entry: https://vuldb.com/?submit.644635
Exploit, Issue Tracking, Third Party Advisory: https://github.com/Cstarplus/CVE/issues/1

Scores

CVSS v3: 7.3
EPSS: 0.0173
EPSS Percentile: 82.9%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Source: Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: partial

Details

VulnCheck KEV: 2026-03-31
CWE: CWE-74, CWE-89
Status: published
Products (1): jinher/jinher_oa < 1.2
Published: Sep 08, 2025
Tracked Since: Feb 18, 2026