Gửi #598365: ageerle https://github.com/ageerle/ruoyi-ai v2.0.0 Unrestricted Uploadthông tin

tiêu đềageerle https://github.com/ageerle/ruoyi-ai v2.0.0 Unrestricted Upload
Mô tảThe open source project "ageerle/ruoyi-ai" which implements AI chat and painting functions based on ruoyi-plus has an arbitrary file upload vulnerability, which allows attackers to upload any malicious files to any path on the server, resulting in the risk of arbitrary code execution and arbitrary file overwriting on the server.
Nguồn⚠️ https://github.com/ageerle/ruoyi-ai/issues/9
Người dùng
 Anonymous User
Đệ trình17/06/2025 17:03 (cách đây 1 Năm)
Kiểm duyệt21/06/2025 07:12 (4 days later)
Trạng tháiđược chấp nhận
Mục VulDB313574 [ageerle ruoyi-ai 2.0.0 SseServiceImpl.java speechToTextTranscriptionsV2/upload Tệp tin nâng cao đặc quyền]
điểm18

Want to know what is going to be exploited?

We predict KEV entries!