Improper Access Control in JeeWMS File Handler Leading to Remote Exploitation
CVE-2025-5390

5.3MEDIUM

Key Information:

Vendor

JeeWMS

Status
Jeewms
Vendor
CVE Published:
31 May 2025

What is CVE-2025-5390?

A vulnerability has been identified in JeeWMS that affects the file handling functionality of its system controller. This flaw allows attackers to manipulate access controls improperly, potentially leading to unauthorized access. The vulnerability can be exploited remotely, posing significant risks to systems that utilize this component. Notably, JeeWMS does not maintain versioning information, leaving users without clear guidance on affected or unaffected releases, which complicates the assessment of their exposure to this risk.

Affected Version(s)

JeeWMS 20250504

References

https://vuldb.com/?id.310683
vdb-entrytechnical-description
https://vuldb.com/?ctiid.310683
signaturepermissions-required
https://gitee.com/erzhongxmu/JEEWMS/issues/IC5FNV
issue-tracking

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

VulDB Gitee Analyzer
.
CVE-2025-5390 : Improper Access Control in JeeWMS File Handler Leading to Remote Exploitation