jeecgboot JimuReport MySQL JDBC testConnection deserialization_CVE-2025-10770

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in jeecgboot JimuReport up to 2.1.2. This impacts an unknown function of the file /drag/onlDragDataSource/testConnection of the component MySQL JDBC Handler. Performing manipulation results in deserialization. Remote exploitation of the attack is possible. The exploit has been made public and could be used.

Basic Information

ID CVE-2025-10770

Source VulDB

Published Sep 21, 2025 at 22:32

Affected Product

Vendor jeecgboot

Product JimuReport

Version 2.1.0

Affected Versions jeecgboot JimuReport 2.1.0
jeecgboot JimuReport 2.1.1
jeecgboot JimuReport 2.1.2

CWE Classification

CWE-502 CWE-20

References

{
    "lastseen": "",
    "description": "A vulnerability was found in jeecgboot JimuReport up to 2.1.2. This impacts an unknown function of the file /drag/onlDragDataSource/testConnection of the component MySQL JDBC Handler. Performing manipulation results in deserialization. Remote exploitation of the attack is possible. The exploit has been made public and could be used.",
    "published": "2025-09-21T22:32:06.763Z",
    "modified": "2025-09-21T22:32:06.763Z",
    "type": "cve",
    "title": "jeecgboot JimuReport MySQL JDBC testConnection deserialization",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.325126\nhttps://vuldb.com/?ctiid.325126\nhttps://vuldb.com/?submit.649755\nhttps://github.com/jeecgboot/jimureport/issues/4116\nhttps://github.com/jeecgboot/jimureport/issues/4116#issue-3391107887",
    "id": "CVE-2025-10770",
    "bulletinFamily": "",
    "cwe": [
        "CWE-502",
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "jeecgboot JimuReport 2.1.0\njeecgboot JimuReport 2.1.1\njeecgboot JimuReport 2.1.2",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "JimuReport",
    "version": "2.1.0",
    "vendor": "jeecgboot",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}