Authentication Bypass in jeewx-boot by JeecgBoot
CVE-2024-50640

9.8CRITICAL

Key Information:

Vendor: JeecgBoot
Status: jeewx-boot
Vendor: CVE Published:; 20 August 2025

What is CVE-2024-50640?

The jeewx-boot version 1.3 is susceptible to an authentication bypass vulnerability within the preHandle function. This flaw could enable unauthorized access to protected resources, potentially allowing malicious actors to exploit the application without valid credentials. Users are advised to review their implementation and apply any necessary patches or updates to mitigate this security risk.

References

https://github.com/jeecgboot/jeewx-boot/issues/46

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 20, 2025
Vulnerability Reserved
Oct 28, 2024

CVE-2024-50640 Data

JSON