CVE-2026-2945

6.3 MEDIUM

📋 TL;DR

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in JeecgBoot 3.9.0 that allows attackers to make the server send HTTP requests to arbitrary internal or external systems. Attackers can exploit this remotely by manipulating the fileUrl parameter in the /sys/common/uploadImgByHttp endpoint. Any organization running the vulnerable JeecgBoot version is affected.

💻 Affected Systems

Products:
  • JeecgBoot
Versions: 3.9.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems on which the vulnerable endpoint is reachable. The affected code is an unspecified function of that endpoint.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could access internal services, exfiltrate sensitive data, perform port scanning of internal networks, or chain with other vulnerabilities to achieve remote code execution.

🟠 Likely Case

Information disclosure from internal services, potential data exfiltration, and reconnaissance of internal network infrastructure.

🟢 If Mitigated

Limited impact with proper network segmentation, egress filtering, and input validation controls in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit code is publicly available according to the references. The vulnerability can be exploited remotely without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None provided

Restart Required: No

Instructions:

No official patch available. The vendor did not respond to disclosure. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Block vulnerable endpoint

Platform: all

Restrict access to the /sys/common/uploadImgByHttp endpoint using web application firewall rules or access controls.

# Example for Apache (requires RewriteEngine On): RewriteRule ^/sys/common/uploadImgByHttp - [F]
# Example for Nginx: location ~ ^/sys/common/uploadImgByHttp { deny all; }

Input validation and URL filtering

Platform: all

Implement strict validation of the fileUrl parameter so that only trusted domains and protocols are accepted and requests to internal resources are rejected.

# Application-level validation required in source code

🧯 If You Can't Patch

  • Implement network segmentation to restrict the server's outbound connections to only necessary services
  • Deploy a web application firewall with SSRF protection rules and monitor for suspicious requests to the vulnerable endpoint

🔍 How to Verify

Check if Vulnerable:

Test whether the /sys/common/uploadImgByHttp endpoint accepts arbitrary URLs in the fileUrl parameter and makes outbound requests to them.

Check Version:

Check the JeecgBoot version in the application configuration or via a version endpoint, if one is available.

Verify Fix Applied:

Verify that the endpoint no longer accepts arbitrary URLs or that requests to internal resources are blocked.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from the server
  • Requests to internal IP addresses or unusual domains from the vulnerable endpoint
  • Multiple failed attempts to access the uploadImgByHttp endpoint

Network Indicators:

  • Unexpected outbound HTTP traffic from the JeecgBoot server to internal services
  • Port scanning activity originating from the server

SIEM Query (illustrative pseudo-syntax; map the field names to your SIEM's schema):

source_ip=jeecgboot_server AND (dest_ip=internal_range OR dest_domain=unusual_domain) AND uri_path="/sys/common/uploadImgByHttp"
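The following is an added reference example, not JeecgBoot's code (JeecgBoot is a Java project; Python is used here only to make the logic easy to run). It shows the application-level fileUrl validation described under the workarounds and the log-side counterpart of the SIEM query above: hits on the vulnerable endpoint whose fileUrl value would fail validation. The allowlist hosts and the access-log lines are constructed for the example.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlparse
# Constructed allowlist: the only hosts the image-fetch feature may contact.
TRUSTED_HOSTS = {"cdn.example.com", "img.example.com"}
VULN_PATH = "/sys/common/uploadImgByHttp"

def classify_file_url(file_url: str) -> str:
    """Return 'allowed' or the reason this fileUrl value must be rejected.
    Checks the literal URL only; a production validator must also resolve
    the hostname, re-check every resolved address, and re-check redirects."""
    try:
        parsed = urlparse(file_url)
    except ValueError:  # e.g. unbalanced IPv6 brackets
        return "blocked-host"
    host = parsed.hostname
    if parsed.scheme not in ("http", "https"):
        return "blocked-scheme"
    if not host:
        return "blocked-host"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None  # a hostname, not a literal address
    if ip is not None and not ip.is_global:  # loopback, private, link-local, ...
        return "blocked-nonpublic-ip"
    if host not in TRUSTED_HOSTS:
        return "blocked-host"
    return "allowed"

# Request line of a common/combined-format access-log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST) (?P<target>\S+) HTTP/[\d.]+"')

def scan_log(lines):
    """Yield (line, verdict) for requests to the vulnerable endpoint whose
    fileUrl fails classify_file_url: the log-side view of the SIEM query."""
    for line in lines:
        if not (m := REQUEST_RE.search(line)):
            continue
        target = urlparse(m.group("target"))
        if target.path != VULN_PATH:
            continue
        for value in parse_qs(target.query).get("fileUrl", []):
            verdict = classify_file_url(value)
            if verdict != "allowed":
                yield line, verdict

# Constructed sample log lines, not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2026:00:00:00 +0000] "GET /sys/common/uploadImgByHttp?fileUrl=https%3A%2F%2Fcdn.example.com%2Fa.png HTTP/1.1" 200 120',
    '198.51.100.7 - - [01/Jan/2026:00:00:01 +0000] "GET /sys/common/uploadImgByHttp?fileUrl=http%3A%2F%2F127.0.0.1%3A8080%2F HTTP/1.1" 500 0',
    '198.51.100.7 - - [01/Jan/2026:00:00:02 +0000] "GET /index.html HTTP/1.1" 200 512',
]
```

Running scan_log over SAMPLE_LOG flags only the second line, with verdict blocked-nonpublic-ip; the endpoint is often fronted by a proxy, so the scan should be run on the log that records the full query string.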

🔗 References
