CVE-2026-1588

2.7 LOW

📋 TL;DR

This CVE describes a path traversal vulnerability in jshERP up to version 3.6 that allows remote attackers to manipulate file paths during plugin installation. The vulnerability affects organizations using jshERP for enterprise resource planning, potentially allowing unauthorized file access or manipulation.

💻 Affected Systems

Products:
  • jishenghua jshERP
Versions: Up to and including version 3.6
Operating Systems: All platforms running jshERP
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments with the vulnerable component are affected. The vulnerability is in the plugin installation mechanism.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote attacker could write arbitrary files to the server, potentially leading to remote code execution or complete system compromise.

🟠

Likely Case

Attackers could read sensitive configuration files, overwrite existing files, or disrupt normal application functionality.

🟢

If Mitigated

With proper network segmentation and access controls, impact would be limited to the application server only.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

According to the CVE description, an exploit has been published. The attack requires access to the plugin installation functionality, so it is not reachable by an unauthenticated user.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Monitor the GitHub repository for updates: https://github.com/jishenghua/jshERP/

🔧 Temporary Workarounds

Disable plugin installation
Scope: all
  • Remove or restrict access to the vulnerable plugin installation endpoint
  • Configure web server to block access to /jshERP-boot/plugin/installByPath

Network access controls
Scope: all
  • Restrict network access to jshERP administration interfaces
  • Configure firewall rules to limit access to jshERP admin ports

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate jshERP from other systems
  • Enable detailed logging and monitoring of all plugin installation attempts

🔍 How to Verify

Check if Vulnerable:

Check if running jshERP version 3.6 or earlier. Review application logs for plugin installation attempts.

Check Version:

Check application version in jshERP interface or configuration files

Verify Fix Applied:

Test if path traversal attempts are properly blocked. Verify no unauthorized file access occurs.

📡 Detection & Monitoring

Log Indicators:

  • Unusual plugin installation attempts
  • Path traversal patterns in URLs
  • File access errors in unusual directories

Network Indicators:

  • HTTP requests to /jshERP-boot/plugin/installByPath with suspicious path parameters

SIEM Query:

source="jshERP" AND (url="*installByPath*" AND (path="*../*" OR path="*..\\*"))
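The log and network indicators above describe what to look for, and the SIEM query matches only a literal "../" or "..\" in the path parameter, so a percent-encoded traversal sequence in the query string would not match it. The following Python script is an added example, not part of this advisory or of the jshERP project: it scans web-server access log lines (Combined Log Format) for requests to /jshERP-boot/plugin/installByPath, percent-decodes query parameters repeatedly to catch double encoding, and flags any value containing a traversal sequence. The log lines and file paths are constructed samples, and the parameter name `path` is an assumption, since the advisory does not state how the endpoint is called.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Endpoint named in the advisory's workaround and network-indicator sections.
VULN_ENDPOINT = "/jshERP-boot/plugin/installByPath"

# Combined Log Format prefix: client, ident, user, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# "../" or "..\" anywhere in a decoded parameter value.
TRAVERSAL_RE = re.compile(r"\.\.(?:/|\\)")

# Constructed sample log lines (not from a real deployment). The "path"
# parameter name and all file paths are placeholders, not known exploit values.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Jan/2026:10:00:01 +0000] "GET /jshERP-boot/plugin/installByPath?path=plugins/report.jar HTTP/1.1" 200 512
10.0.0.7 - - [12/Jan/2026:10:00:02 +0000] "GET /jshERP-boot/plugin/installByPath?path=../../other/dir/file.txt HTTP/1.1" 200 512
10.0.0.7 - - [12/Jan/2026:10:00:03 +0000] "GET /jshERP-boot/plugin/installByPath?path=..%2F..%2Fother%2Fdir%2Ffile.txt HTTP/1.1" 200 512
10.0.0.9 - - [12/Jan/2026:10:00:04 +0000] "GET /jshERP-boot/plugin/installByPath?path=..\\..\\other\\dir\\file.txt HTTP/1.1" 200 512
10.0.0.9 - - [12/Jan/2026:10:00:05 +0000] "GET /jshERP-boot/plugin/installByPath?path=%252e%252e%252fother%252fdir%252ffile.txt HTTP/1.1" 200 512
10.0.0.5 - - [12/Jan/2026:10:00:06 +0000] "GET /jshERP-boot/user/list?search=..%2F HTTP/1.1" 200 512
10.0.0.5 - - [12/Jan/2026:10:00:07 +0000] "POST /jshERP-boot/plugin/installByPath HTTP/1.1" 200 512
"""


def decode_fully(value, max_rounds=3):
    """Strip repeated percent-encoding (%2e%2e%2f, %252e%252e%252f, ...)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def analyse_line(line):
    """Return a finding for a request to the plugin-install endpoint, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    # Decode the path too, in case the endpoint itself was percent-encoded.
    if not unquote(parts.path).startswith(VULN_ENDPOINT):
        return None
    traversal = {}
    # parse_qs already percent-decodes once; decode_fully catches double encoding.
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        for raw in values:
            value = decode_fully(raw)
            if TRAVERSAL_RE.search(value):
                traversal[name] = value
    return {
        "ip": m.group("ip"),
        "timestamp": m.group("ts"),
        "method": m.group("method"),
        "status": int(m.group("status")),
        # Empty dict => endpoint was hit but no traversal appeared in the query
        # string. POST bodies are not in access logs, so such requests still
        # need correlation with application-level plugin-installation logging.
        "traversal_params": traversal,
    }


def scan_log(text):
    """Every request to the plugin-install endpoint, in log order."""
    return [f for f in (analyse_line(l) for l in text.splitlines()) if f]


def traversal_sources(findings):
    """Count traversal-bearing requests per client address, for triage."""
    counts = {}
    for f in findings:
        if f["traversal_params"]:
            counts[f["ip"]] = counts.get(f["ip"], 0) + 1
    return counts


if __name__ == "__main__":
    results = scan_log(SAMPLE_LOG)
    for f in results:
        flag = "TRAVERSAL" if f["traversal_params"] else "endpoint-hit"
        print(f'{f["timestamp"]} {f["ip"]} {f["method"]} {flag} {f["traversal_params"]}')
    print("per-source traversal counts:", traversal_sources(results))
```

Every request to the endpoint is reported, not only those with a traversal sequence, because the advisory's workaround is to block the endpoint outright; any hit after that control is in place indicates the block is not effective. The decoding loop is what separates this check from the SIEM query above, which sees only the literal string as logged.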
