RuoYi Privilege Escalation Vulnerability in SysConfigController

Vulnerability

A privilege escalation vulnerability has been identified in RuoYi version 4.8.0. The issue lies in the editSave method of SysConfigController, which does not verify that the caller holds administrative rights before applying changes to system configuration settings. A remote user without the required privileges can therefore submit a request that modifies critical settings. Possible consequences include unauthorized changes to security configuration, API keys and system features, or the injection of malicious settings, creating broad security risk.

Impact

Exploitation of this vulnerability allows unauthorized users to act with administrative privileges over system configuration, enabling them to alter essential settings and potentially undermine overall system security.

Reproduction

To reproduce this vulnerability, a normal (non-administrative) user accesses the editSave method of SysConfigController and sends a request that modifies system configuration settings. The application processes the request without an authorization check, so the change is applied. Successful exploitation can be verified by reading back the modified configuration, which will reflect the unauthorized change.
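The following is an added example, not RuoYi's code: a small Python model of the missing check, contrasting a handler that trusts its caller (the shape the advisory describes) with one that verifies the right server-side. It assumes Shiro-style colon-separated permission strings such as "system:config:edit", which the Shiro-based RuoYi edition uses, and implements their wildcard semantics; the Principal class, config key and values are constructed for the example.

```python
from dataclasses import dataclass, field


@dataclass
class Principal:
    name: str
    perms: set = field(default_factory=set)   # permission strings granted by role


def implies(granted: str, required: str) -> bool:
    """Shiro WildcardPermission semantics: every part of the granted string must
    contain (or be '*' for) the required part; a shorter granted string implies
    all rights beneath it, a longer one only when its extra parts are wildcards."""
    g = [set(p.split(",")) for p in granted.split(":")]
    r = [set(p.split(",")) for p in required.split(":")]
    for i, want in enumerate(r):
        if i >= len(g):
            return True
        if "*" not in g[i] and not g[i] >= want:
            return False
    return all("*" in have for have in g[len(r):])


CONFIG = {"example.feature.enabled": "false"}   # constructed sample config store


def edit_save_unchecked(principal: Principal, key: str, value: str) -> str:
    """Vulnerable shape: the handler assumes only admins ever reach it."""
    CONFIG[key] = value
    return CONFIG[key]


def edit_save(principal: Principal, key: str, value: str) -> str:
    """Hardened shape: the right is verified on the server for every call."""
    if not any(implies(p, "system:config:edit") for p in principal.perms):
        raise PermissionError(f"{principal.name} lacks system:config:edit")
    CONFIG[key] = value
    return CONFIG[key]


def try_edit(handler, principal: Principal, key: str, value: str) -> str:
    """Outcome as an audit log should record it: 'saved' or 'denied'."""
    try:
        handler(principal, key, value)
        return "saved"
    except PermissionError:
        return "denied"
```

A user holding only "system:config:list" is refused by edit_save but succeeds against edit_save_unchecked, which is exactly the gap the advisory describes.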

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm (score per category, 0.0 to 10.0)

spread:          0.0
impact:          5.0
exploitability:  6.6
remediation:     0.0
relevance:       0.0
threat:          6.4
urgency:         2.9
incentive:       1.7

Our algorithm analyzes dozens of metrics to produce these eight vulnerability categories, which are then combined into the overall risk score.