Enviar #601043: SimStudioAI Sim <=0.1.17 Absolute Path Traversalinformación

TítuloSimStudioAI Sim <=0.1.17 Absolute Path Traversal
DescripciónA path traversal vulnerability was found in Sim (https://github.com/simstudioai/sim) version 0.1.17 and earlier. When handling file operations via /api/files/parse, the file path is not validated properly, which allows unauthenticated users to read arbitrary files from the server's file system.
Fuente⚠️ https://github.com/vri-report/reports/issues/2
Usuario
 Anonymous User
Sumisión2025-06-20 06:10 (hace 10 meses)
Moderación2025-07-05 21:28 (16 days later)
EstadoAceptado
Entrada de VulDB315018 [SimStudioAI sim hasta 0.1.17 route.ts handleLocalFile filePath recorrido de directorios]
Puntos18

AnteriorVisión De ConjuntoPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!