CVE-2025-10980

4.3 MEDIUM

📋 TL;DR

JeecgBoot up to version 3.8.2 contains an improper authorization vulnerability in the /sys/position/exportXls endpoint that allows remote attackers to access unauthorized functionality. This affects all organizations running vulnerable versions of JeecgBoot with the affected endpoint exposed. The vulnerability enables attackers to bypass intended access controls remotely.

💻 Affected Systems

Products:
  • JeecgBoot
Versions: Up to and including 3.8.2
Operating Systems: All platforms running JeecgBoot
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with the /sys/position/exportXls endpoint accessible. Default installations are vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could export sensitive position/role data without authorization, potentially exposing organizational structure, user roles, or other confidential information stored in position-related data.

🟠 Likely Case

Unauthorized access to export functionality leading to data exfiltration of position/role information, which could be used for reconnaissance or privilege escalation planning.

🟢 If Mitigated

With proper network segmentation and access controls, impact would be limited to authorized users only accessing their permitted data.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details have been publicly disclosed. Attack requires some level of access but bypasses authorization controls.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 3.8.3 or later

Vendor Advisory: Not provided by vendor (vendor did not respond to disclosure)

Restart Required: No

Instructions:

1. Upgrade JeecgBoot to version 3.8.3 or later.
2. Verify the fix by testing the /sys/position/exportXls endpoint with unauthorized credentials.

🔧 Temporary Workarounds

Block vulnerable endpoint (Platform: all)

Restrict access to the /sys/position/exportXls endpoint using a web application firewall or network controls.

Implement proper authorization checks (Platform: all)

Add explicit authorization validation before processing export requests.

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can reach the vulnerable endpoint
  • Deploy a WAF with rules to detect and block unauthorized export requests

🔍 How to Verify

Check if Vulnerable:

Attempt to access the /sys/position/exportXls endpoint with unauthorized credentials. If the export succeeds, the system is vulnerable.

Check Version:

Check the JeecgBoot version in the application configuration or via the version endpoint, if one is available.

Verify Fix Applied:

After patching, attempt the same unauthorized access. Request should be properly rejected with authorization error.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to /sys/position/exportXls
  • Successful export operations from unexpected user accounts

Network Indicators:

  • HTTP requests to /sys/position/exportXls from unauthorized IPs
  • Unexpected data export traffic

SIEM Query:

source="web_server" AND (uri="/sys/position/exportXls" AND NOT user IN authorized_users)
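As an added example (not part of the original advisory or of JeecgBoot), the SIEM query above can be reproduced offline against web-server logs. The log lines below are constructed, the combined-log-with-user format and the set of authorized users are assumptions, and the script flags every request to /sys/position/exportXls that did not come from an authorized account, noting whether it succeeded.

```python
import re
from typing import List, Optional

# Constructed sample log lines (not from the original page), in a
# combined-log style with an authenticated-user field, as a reverse proxy
# in front of JeecgBoot might emit them. The third field is the user.
SAMPLE_LOG = """\
10.0.0.5 - alice [12/Oct/2025:10:01:02 +0000] "GET /sys/position/exportXls HTTP/1.1" 200 48213
10.0.0.9 - bob [12/Oct/2025:10:01:15 +0000] "GET /sys/position/exportXls?code=P01 HTTP/1.1" 200 9121
10.0.0.9 - bob [12/Oct/2025:10:01:20 +0000] "GET /sys/position/list HTTP/1.1" 200 512
203.0.113.7 - - [12/Oct/2025:10:02:40 +0000] "GET /sys/position/exportXls HTTP/1.1" 401 0
10.0.0.5 - alice [12/Oct/2025:10:03:00 +0000] "GET /sys/user/list HTTP/1.1" 200 2048
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) (?P<bytes>\d+)'
)
TARGET = "/sys/position/exportXls"  # the endpoint named in the advisory


def parse_line(line: str) -> Optional[dict]:
    """Parse one access-log line into its fields, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_suspicious_exports(log_text: str, authorized_users) -> List[dict]:
    """Return requests to the export endpoint not made by an authorized user.

    Each hit carries a 'successful' flag (2xx status), since a successful
    export from an unexpected account is the strongest indicator; failed
    attempts are kept as well so they can be monitored.
    """
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec:
            continue
        path = rec["uri"].split("?", 1)[0]  # drop the query string before comparing
        if path != TARGET:
            continue
        if rec["user"] in authorized_users:
            continue
        rec["successful"] = rec["status"].startswith("2")
        hits.append(rec)
    return hits


if __name__ == "__main__":
    for hit in find_suspicious_exports(SAMPLE_LOG, {"alice"}):
        print(hit["ts"], hit["ip"], hit["user"], hit["status"], "SUCCESS" if hit["successful"] else "denied")
```

The `user` field is whatever the proxy or application logs; where only a session cookie is available, the lookup would have to be joined against the application's own login log.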

🔗 References