CVE-2026-1588 (GCVE-0-2026-1588)
Vulnerability from cvelistv5 – Published: 2026-01-29 13:32 – Updated: 2026-02-23 09:04
VLAI
Title
jishenghua jshERP installByPath install path traversal
Summary
A vulnerability was found in jishenghua jshERP up to 3.6. The impacted element is the function install of the file /jshERP-boot/plugin/installByPath of the component com.gitee.starblues.integration.operator.DefaultPluginOperator. The manipulation of the argument path results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Path Traversal
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.343351 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.343351 | signaturepermissions-required |
| https://vuldb.com/?submit.740649 | third-party-advisory |
| https://github.com/jishenghua/jshERP/issues/147 | exploitissue-tracking |
| https://github.com/jishenghua/jshERP/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| jishenghua | jshERP |
Affected:
3.0
Affected: 3.1 Affected: 3.2 Affected: 3.3 Affected: 3.4 Affected: 3.5 Affected: 3.6 cpe:2.3:a:jishenghua:jsherp:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1588",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T14:21:52.828920Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T14:29:46.680Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:jishenghua:jsherp:*:*:*:*:*:*:*:*"
],
"modules": [
"com.gitee.starblues.integration.operator.DefaultPluginOperator"
],
"product": "jshERP",
"vendor": "jishenghua",
"versions": [
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.3"
},
{
"status": "affected",
"version": "3.4"
},
{
"status": "affected",
"version": "3.5"
},
{
"status": "affected",
"version": "3.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "mukyuuhate (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in jishenghua jshERP up to 3.6. The impacted element is the function install of the file /jshERP-boot/plugin/installByPath of the component com.gitee.starblues.integration.operator.DefaultPluginOperator. The manipulation of the argument path results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.3,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:N/A:N/E:POC/RL:ND/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-23T09:04:07.647Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-343351 | jishenghua jshERP installByPath install path traversal",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.343351"
},
{
"name": "VDB-343351 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.343351"
},
{
"name": "Submit #740649 | https://github.com/jishenghua/jshERP jshERP v3.6 Path Traversal",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.740649"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/jishenghua/jshERP/issues/147"
},
{
"tags": [
"product"
],
"url": "https://github.com/jishenghua/jshERP/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-29T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-29T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-30T03:51:13.000Z",
"value": "VulDB entry last update"
}
],
"title": "jishenghua jshERP installByPath install path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-1588",
"datePublished": "2026-01-29T13:32:06.240Z",
"dateReserved": "2026-01-29T06:01:32.972Z",
"dateUpdated": "2026-02-23T09:04:07.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-1588",
"date": "2026-06-30",
"epss": "0.00592",
"percentile": "0.43858"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-1588\",\"sourceIdentifier\":\"cna@vuldb.com\",\"published\":\"2026-01-29T14:16:13.260\",\"lastModified\":\"2026-06-17T10:16:07.180\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was found in jishenghua jshERP up to 3.6. The impacted element is the function install of the file /jshERP-boot/plugin/installByPath of the component com.gitee.starblues.integration.operator.DefaultPluginOperator. The manipulation of the argument path results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una vulnerabilidad en jishenghua jshERP hasta 3.6. El elemento afectado es la funci\u00f3n install del archivo /jshERP-boot/plugin/installByPath del componente com.gitee.starblues.integration.operator.DefaultPluginOperator. La manipulaci\u00f3n del argumento path resulta en salto de ruta. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y podr\u00eda ser utilizado. El proyecto fue informado del problema tempranamente a trav\u00e9s de un informe de incidencias pero a\u00fan no ha respondido.\"}],\"affected\":[{\"source\":\"cna@vuldb.com\",\"affectedData\":[{\"vendor\":\"jishenghua\",\"product\":\"jshERP\",\"cpes\":[\"cpe:2.3:a:jishenghua:jsherp:*:*:*:*:*:*:*:*\"],\"modules\":[\"com.gitee.starblues.integration.operator.DefaultPluginOperator\"],\"versions\":[{\"version\":\"3.0\",\"status\":\"affected\"},{\"version\":\"3.1\",\"status\":\"affected\"},{\"version\":\"3.2\",\"status\":\"affected\"},{\"version\":\"3.3\",\"status\":\"affected\"},{\"version\":\"3.4\",\"status\":\"affected\"},{\"version\":\"3.5\",\"status\":\"affected\"},{\"version\":\"3.6\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":2.0,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"PROOF_OF_CONCEPT\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":2.7,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:M/C:P/I:N/A:N\",\"baseScore\":3.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"MULTIPLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.4,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-01-29T14:21:52.828920Z\",\"id\":\"CVE-2026-1588\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jishenghua:jsherp:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.6\",\"matchCriteriaId\":\"2371BC75-D648-47F9-8B86-49CD53FB4DD4\"}]}]}],\"references\":[{\"url\":\"https://github.com/jishenghua/jshERP/\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/jishenghua/jshERP/issues/147\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://vuldb.com/?ctiid.343351\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Permissions Required\",\"VDB Entry\"]},{\"url\":\"https://vuldb.com/?id.343351\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://vuldb.com/?submit.740649\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-1588\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-29T14:21:52.828920Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-29T14:29:42.547Z\"}}], \"cna\": {\"title\": \"jishenghua jshERP installByPath install path traversal\", \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"mukyuuhate (VulDB User)\"}], \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 5.1, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P\"}}, {\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 2.7, \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C\"}}, {\"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 2.7, \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C\"}}, {\"cvssV2_0\": {\"version\": \"2.0\", \"baseScore\": 3.3, \"vectorString\": \"AV:N/AC:L/Au:M/C:P/I:N/A:N/E:POC/RL:ND/RC:C\"}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:jishenghua:jsherp:*:*:*:*:*:*:*:*\"], \"vendor\": \"jishenghua\", \"modules\": [\"com.gitee.starblues.integration.operator.DefaultPluginOperator\"], \"product\": \"jshERP\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0\"}, {\"status\": \"affected\", \"version\": \"3.1\"}, {\"status\": \"affected\", \"version\": \"3.2\"}, {\"status\": \"affected\", \"version\": \"3.3\"}, {\"status\": \"affected\", \"version\": \"3.4\"}, {\"status\": \"affected\", \"version\": \"3.5\"}, {\"status\": \"affected\", \"version\": \"3.6\"}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-01-29T00:00:00.000Z\", \"value\": \"Advisory disclosed\"}, {\"lang\": \"en\", \"time\": \"2026-01-29T01:00:00.000Z\", \"value\": \"VulDB entry created\"}, {\"lang\": \"en\", \"time\": \"2026-01-30T03:51:13.000Z\", \"value\": \"VulDB entry last update\"}], \"references\": [{\"url\": \"https://vuldb.com/?id.343351\", \"name\": \"VDB-343351 | jishenghua jshERP installByPath install path traversal\", \"tags\": [\"vdb-entry\", \"technical-description\"]}, {\"url\": \"https://vuldb.com/?ctiid.343351\", \"name\": \"VDB-343351 | CTI Indicators (IOB, IOC, TTP, IOA)\", \"tags\": [\"signature\", \"permissions-required\"]}, {\"url\": \"https://vuldb.com/?submit.740649\", \"name\": \"Submit #740649 | https://github.com/jishenghua/jshERP jshERP v3.6 Path Traversal\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://github.com/jishenghua/jshERP/issues/147\", \"tags\": [\"exploit\", \"issue-tracking\"]}, {\"url\": \"https://github.com/jishenghua/jshERP/\", \"tags\": [\"product\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability was found in jishenghua jshERP up to 3.6. The impacted element is the function install of the file /jshERP-boot/plugin/installByPath of the component com.gitee.starblues.integration.operator.DefaultPluginOperator. The manipulation of the argument path results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"Path Traversal\"}]}], \"providerMetadata\": {\"orgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"shortName\": \"VulDB\", \"dateUpdated\": \"2026-02-23T09:04:07.647Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-1588\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-23T09:04:07.647Z\", \"dateReserved\": \"2026-01-29T06:01:32.972Z\", \"assignerOrgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"datePublished\": \"2026-01-29T13:32:06.240Z\", \"assignerShortName\": \"VulDB\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…