CVE-2025-6466 in ruoyi-aiinfo

Summary

by MITRE • 06/22/2025

A vulnerability was found in ageerle ruoyi-ai 2.0.0 and classified as critical. Affected by this issue is the function speechToTextTranscriptionsV2/upload of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/service/impl/SseServiceImpl.java. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.1 is able to address this issue. The patch is identified as 4e93ac86d4891c59ecfcd27c051de9b3c5379315. It is recommended to upgrade the affected component.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Analysis

by VulDB Data Team • 06/22/2025

The vulnerability identified as CVE-2025-6466 represents a critical security flaw in the ageerle ruoyi-ai 2.0.0 application, specifically within the speechToTextTranscriptionsV2/upload function located in the SseServiceImpl.java file. This issue manifests as an unrestricted file upload vulnerability that allows malicious actors to bypass normal file validation mechanisms and upload arbitrary files to the system. The vulnerability is particularly concerning because it affects a core audio processing functionality that handles speech-to-text transcription services, making it a prime target for attackers seeking to compromise the system through malicious file uploads.

The technical exploitation of this vulnerability occurs through manipulation of the File argument parameter within the speechToTextTranscriptionsV2/upload endpoint. When a user submits a file through this interface, the application fails to properly validate or sanitize the uploaded file content, allowing attackers to upload files with potentially harmful extensions or content. This flaw directly maps to CWE-434, which describes the improper restriction of uploads to a restricted directory, and aligns with ATT&CK technique T1195.001 for the use of web shell uploads. The unrestricted nature of this upload capability means that attackers could potentially upload malicious executables, scripts, or other harmful content that could execute within the application's environment.

The remote attack vector of this vulnerability significantly amplifies its potential impact, as it allows threat actors to exploit the flaw without requiring physical access to the system. This remote exploitation capability enables attackers to perform various malicious activities including but not limited to code execution, privilege escalation, and persistent access to the compromised system. The fact that this exploit has been disclosed to the public and may be used renders it particularly dangerous as it provides attackers with readily available methods to compromise affected systems. The vulnerability affects the broader ruoyi-ai ecosystem and could potentially lead to complete system compromise, data exfiltration, or service disruption.

The mitigation strategy for CVE-2025-6466 involves upgrading the affected component to version 2.0.1, which contains the necessary patch identified by the commit hash 4e93ac86d4891c59ecfcd27c051de9b3c5379315. This upgrade process should be implemented immediately across all affected deployments to ensure system security. Organizations should also implement additional protective measures including input validation, file type restrictions, and content scanning mechanisms to further secure the file upload functionality. The patch addresses the root cause by implementing proper file validation and sanitization procedures that prevent malicious files from being accepted through the speechToTextTranscriptionsV2/upload endpoint. Security teams should also conduct thorough vulnerability assessments to identify any potential exploitation attempts and monitor system logs for suspicious file upload activities that may indicate attempted exploitation of this vulnerability.

Responsible

VulDB

Disclosure

06/22/2025

Moderation

accepted

CPE

ready

Exploit

Download

EPSS

0.00318

KEV

no

Activities

very low

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!