Enviar #644954: simstudioai https://github.com/simstudioai/sim <=1.0.0 Remote Code Executioninformación

Títulosimstudioai https://github.com/simstudioai/sim <=1.0.0 Remote Code Execution
DescripciónThe RCE vulnerability was discovered on /api/function/execute in latest version of SIM. The functionality has user-controllable parameter without any blacklist/whitelist filtering or special character escaping security measures, allowing attackers to execute arbitrary javascript code.
Fuente⚠️ https://github.com/simstudioai/sim/issues/961
Usuario
 ZAST.AI (UID 87884)
Sumisión2025-08-31 15:24 (hace 9 meses)
Moderación2025-09-08 11:55 (8 days later)
EstadoAceptado
Entrada de VulDB323058 [SimStudioAI sim hasta 1.0.0 route.ts code escalada de privilegios]
Puntos18

AnteriorVisión De ConjuntoPróximo

Might our Artificial Intelligence support you?

Check our Alexa App!