提交 #598365: ageerle https://github.com/ageerle/ruoyi-ai v2.0.0 Unrestricted Upload信息

标题ageerle https://github.com/ageerle/ruoyi-ai v2.0.0 Unrestricted Upload
描述The open source project "ageerle/ruoyi-ai" which implements AI chat and painting functions based on ruoyi-plus has an arbitrary file upload vulnerability, which allows attackers to upload any malicious files to any path on the server, resulting in the risk of arbitrary code execution and arbitrary file overwriting on the server.
来源⚠️ https://github.com/ageerle/ruoyi-ai/issues/9
用户
 Anonymous User
提交2025-06-17 17時03分 (1 年前)
管理2025-06-21 07時12分 (4 days later)
状态已接受
VulDB条目313574 [ageerle ruoyi-ai 2.0.0 SseServiceImpl.java speechToTextTranscriptionsV2/upload 文件 权限提升]
积分18

Do you know our Splunk app?

Download it now for free!