Submit #598365: ageerle https://github.com/ageerle/ruoyi-ai v2.0.0 Unrestricted Uploadinfo

Titleageerle https://github.com/ageerle/ruoyi-ai v2.0.0 Unrestricted Upload
DescriptionThe open source project "ageerle/ruoyi-ai" which implements AI chat and painting functions based on ruoyi-plus has an arbitrary file upload vulnerability, which allows attackers to upload any malicious files to any path on the server, resulting in the risk of arbitrary code execution and arbitrary file overwriting on the server.
Source⚠️ https://github.com/ageerle/ruoyi-ai/issues/9
User
 Anonymous User
Submission06/17/2025 17:03 (1 Year ago)
Moderation06/21/2025 07:12 (4 days later)
StatusAccepted
VulDB entry313574 [ageerle ruoyi-ai 2.0.0 SseServiceImpl.java speechToTextTranscriptionsV2/upload File unrestricted upload]
Points18

Interested in the pricing of exploits?

See the underground prices here!