How severe is CVE-2023-27025?

CVE-2023-27025 has a CVSS v3 score of 7.5 (HIGH).

CVE-2023-27025

Name: ruoyi
Author: ruoyi

7.5HIGH

An arbitrary file download vulnerability in the background management module of RuoYi v4.7.6 and below allows attackers to download arbitrary files in the server.

Publicado: 4/2/2023Actualizado: 2/18/2025

Descripción

An arbitrary file download vulnerability in the background management module of RuoYi v4.7.6 and below allows attackers to download arbitrary files in the server.

Análisis IAImpulsado por IA

Productos Afectados

ruoyiruoyi

Referencias

https://gitee.com/y_project/RuoYi/commit/432d5ce1be2e9384a6230d7ccd8401eef5ce02b0
Permissions Required
https://gitee.com/y_project/RuoYi/issues/I697Q5
ExploitIssue Tracking
https://gitee.com/y_project/RuoYi/commit/432d5ce1be2e9384a6230d7ccd8401eef5ce02b0
Permissions Required
https://gitee.com/y_project/RuoYi/issues/I697Q5
ExploitIssue Tracking