ageerle ruoyi-ai Unrestricted File Upload Vulnerability in SseServiceImpl
Vulnerability
A critical vulnerability allowing arbitrary file upload has been identified in ageerle ruoyi-ai version 2.0.0. The issue arises in the SseServiceImpl class, specifically within the speechToTextTranscriptionsV2/upload function. The vulnerability allows attackers to upload malicious files to any location on the server, potentially leading to arbitrary code execution or overwriting of existing files. This issue can be exploited remotely.
Impact
Exploitation of this vulnerability allows for unrestricted file uploads, which can be used to execute arbitrary code on the server or overwrite any file on the server.
Reproduction
The vulnerability can be reproduced by sending a POST request to the '/chat/audio' endpoint with a file that includes a malicious payload, such as a JSP file containing code to execute commands on the server.
Remediation
Users are advised to upgrade to ageerle ruoyi-ai version 2.0.1, which addresses this vulnerability.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.