제출 #708995: mymagicpower AIAS <=1.0.0 SSRF정보

제목mymagicpower AIAS <=1.0.0 SSRF
설명A SSRF vulnerability was discovered on /api/asr/enAsrForLongAudioUrl, in latest version of AIAS. The target URI parameter for network requests is user-controllable and lacks sufficient security processing, resulting in an SSRF vulnerability that allows attackers to exploit this flaw to probe and exploit internal services of the target system.
원천⚠️ https://github.com/mymagicpower/AIAS/issues/55
사용자
 ZAST.AI (UID 87884)
제출2025. 12. 08. AM 08:45 (5 개월 ago)
모더레이션2025. 12. 25. PM 01:48 (17 days later)
상태중복
VulDB 항목303689 [mymagicpower AIAS 20250308 AsrController.java url 권한 상승]
포인트들0

이전개요다음

Interested in the pricing of exploits?

See the underground prices here!