| Title | zhijiantianya ruoyi-vue-pro 2.4.1 File Path Traversal Backend |
|---|
| Description | There is a directory traversal vulnerability in the backend file upload interface of Ruoyi Vue Pro v2.4.1, specifically in the `/admin-api/infra/file/upload` section. Hackers can exploit this vulnerability to upload any file to any directory on the server. If it is a Linux server, the SSH private key may be replaced, resulting in the loss of server privileges. |
|---|
| Source | ⚠️ https://github.com/uglory-gll/javasec/blob/main/ruoyi-vue-pro.md |
|---|
| User | uglory (UID 82151) |
|---|
| Submission | 03/09/2025 08:10 (1 Year ago) |
|---|
| Moderation | 03/24/2025 12:23 (15 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 300729 [zhijiantianya ruoyi-vue-pro 2.4.1 Backend File Upload Interface upload path path traversal] |
|---|
| Points | 18 |
|---|