| Field | Value |
|---|---|
| Title | dromara RuoYi-Vue-Plus 5.4.0 Arbitrary File Read |
| Description | In the RuoYi-Vue-Plus project, the endpoints `/demo/mail/sendMessageWithAttachment` and `/demo/mail/sendMessageWithAttachments` in `MailController.java` can be accessed without authentication and allow attackers to specify arbitrary file paths as email attachments. This leads to an arbitrary file read vulnerability, enabling exfiltration of sensitive files from the server.<br>Project Link: https://github.com/dromara/RuoYi-Vue-Plus<br>Affected Version: 5.4.0<br>Affected API: `/demo/mail/sendMessageWithAttachment` and `/demo/mail/sendMessageWithAttachments`<br>Code Location: `/src/main/java/org/dromara/demo/controller/MailController.java` |
| Source | https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250620-01/report.md |
| User | ShenxiuSecurity (UID 84374) |
| Submitted | 2025-06-20 03:57 AM (12 months ago) |
| Moderated | 2025-06-30 03:17 PM (10 days later) |
| Status | Accepted |
| VulDB Entry | 314437 [Dromara RuoYi-Vue-Plus 5.4.0 Mail MailController.java filePath directory traversal] |
| Points | 20 |