← back
CVE-2025-45854

CVE-2025-45854

CVSS 10 CRITICALEPSS 2.7%CWE-862
/server/executeExec of JEHC-BPM 2.0.1 allows attackers to execute arbitrary code via execParams.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
JEHc · JEHC-BPM

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://gist.github.com/Cafe-Tea/bc14b38f4bfd951de2979a24c3358460https://gitee.com/jehc/JEHC-BPMhttps://web.archive.org/web/20250604134020/https://gist.github.com/Cafe-Tea/bc14b38f4bfd951de2979a24c3358460/revisions