This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Weaver E-Office 9.5 has a critical flaw allowing unauthorized access. π **Consequences**: Attackers can read sensitive files or directories, leading to potential data leaks and system compromise.
Q2Root Cause? (CWE/Flaw)
π‘οΈ **Root Cause**: CWE-552 (Files or Directories Accessible to Unauthorized Actors). The flaw lies in the processing of `/building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini`, exposing internal configurations.
Q3Who is affected? (Versions/Components)
π’ **Affected**: Weaver (Weaver E-Office). π¦ **Version**: Specifically **9.5**. This is a major Chinese collaborative office software widely used in enterprises.
Q4What can hackers do? (Privileges/Data)
π **Attacker Capabilities**: Remote access to restricted files/directories.β¦
π **Exploit Status**: YES. Public PoC exists on GitHub (ProjectDiscovery Nuclei templates). Wild exploitation is possible using automated scanning tools.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: Scan for the specific path: `/building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini`. Use Nuclei templates or manual HTTP requests to check for 200 OK responses.
π§ **No Patch?**: Block external access to the `/building/backmgr/` directory via WAF or firewall rules. π Restrict access to `jx2_config.ini` specifically. Isolate the OA system.
Q10Is it urgent? (Priority Suggestion)
π₯ **Urgency**: HIGH. β οΈ **Priority**: Immediate action required. Remote, unauthenticated, and public PoC exist. Protect sensitive config files to prevent further attacks.