| Field | Value |
|---|---|
| Title | dromara RuoYi-Vue-Plus 5.4.0 Arbitrary File Read |
| Description | In the RuoYi-Vue-Plus project, the endpoints /demo/mail/sendMessageWithAttachment and /demo/mail/sendMessageWithAttachments in MailController.java can be accessed without authentication and allow attackers to specify arbitrary file paths as email attachments. This leads to an arbitrary file read vulnerability, enabling exfiltration of sensitive files from the server. |
| Project Link | https://github.com/dromara/RuoYi-Vue-Plus |
| Affected Version | 5.4.0 |
| Affected API | /demo/mail/sendMessageWithAttachment and /demo/mail/sendMessageWithAttachments |
| Code Location | /src/main/java/org/dromara/demo/controller/MailController.java |
| Source | ⚠️ https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250620-01/report.md |
| User | ShenxiuSecurity (UID 84374) |
| Submitted | 2025-06-20 03:57 (12 months ago) |
| Moderation | 2025-06-30 15:17 (10 days later) |
| Status | Accepted |
| VulDB Entry | 314437 [Dromara RuoYi-Vue-Plus 5.4.0 Mail MailController.java filePath Directory Traversal] |
| Points | 20 |