CVE-2024-57757 – CVE-2024-57757 is an authentication bypass vuln... (How to Fix)

Q: What is the severity of CVE-2024-57757?

CVE-2024-57757 has a CVSS score of 7.5 (HIGH). CVE-2024-57757 is an authentication bypass vulnerability in JeeWMS that allows attackers to bypass permission checks in the AuthInterceptor component. This affects all JeeWMS users running versions before v2025.01.01, potentially enabling unauthorized access to protected functionality.

📋 TL;DR

CVE-2024-57757 is an authentication bypass vulnerability in JeeWMS that allows attackers to bypass permission checks in the AuthInterceptor component. This affects all JeeWMS users running versions before v2025.01.01, potentially enabling unauthorized access to protected functionality.

💻 Affected Systems

Products:

JeeWMS

Versions: All versions before v2025.01.01

Operating Systems: Any OS running JeeWMS

Default Config Vulnerable: ⚠️ Yes

Notes: All deployments using the vulnerable AuthInterceptor component are affected regardless of configuration.

📦 What is this software?

Jeewms by Jeewms

View all CVEs affecting Jeewms →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could gain administrative privileges, access sensitive data, modify system configurations, or execute arbitrary operations within the warehouse management system.

🟠

Likely Case

Unauthorized users could access restricted functionality, view sensitive warehouse data, or perform limited administrative actions depending on the specific bypass.

🟢

If Mitigated

With proper network segmentation and access controls, impact would be limited to the JeeWMS application itself rather than broader infrastructure.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires understanding of the AuthInterceptor implementation and may need some authentication to trigger the bypass.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v2025.01.01

Vendor Advisory: https://gitee.com/erzhongxmu/JEEWMS/issues/IBFKBM

Restart Required: No

Instructions:

1. Download JeeWMS v2025.01.01 or later from official sources. 2. Replace the vulnerable AuthInterceptor.cava file with the patched version. 3. Verify the fix by testing authentication flows.

🔧 Temporary Workarounds

Network Access Restriction

all

Restrict network access to JeeWMS to only trusted IP addresses or internal networks

Web Application Firewall Rules

all

Implement WAF rules to block suspicious requests to /interceptors/AuthInterceptor.cava

🧯 If You Can't Patch

Implement strict network segmentation to isolate JeeWMS from critical systems
Enable detailed logging and monitoring for authentication bypass attempts

🔍 How to Verify

Check if Vulnerable:

Check if your JeeWMS version is earlier than v2025.01.01 by examining version files or application metadata

Check Version:

Check JeeWMS configuration files or application properties for version information

Verify Fix Applied:

Test authentication flows to ensure proper permission checks are enforced after applying the patch

📡 Detection & Monitoring

Log Indicators:

Unusual access patterns to protected endpoints
Failed authentication attempts followed by successful access
Requests bypassing expected authentication flows

Network Indicators:

HTTP requests to /interceptors/AuthInterceptor.cava with unusual parameters
Unauthorized access to protected API endpoints

SIEM Query:

source="jeeWMS" AND (uri="/interceptors/AuthInterceptor.cava" OR (status=200 AND auth_failed=true))

📊 Metadata

CVE ID: CVE-2024-57757

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-862

EPSS Score: 0.15% exploit probability (35.3th percentile)

Published: January 15, 2025

Last Updated: April 18, 2025

🔗 References

https://gitee.com/erzhongxmu/JEEWMS/issues/IBFKBM Exploit,Issue Tracking,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-57757, you might also want to check these: