|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-04-12 | |
| Rule Name: | RuoYi Arbitrary File Read Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Ruoyi Management system is an open source project based on Java Spring Boot framework, designed to provide a simple to use, feature-rich management system solution. Ruoyi CMS has an arbitrary file read vulnerability, which can be used by an unauthenticated attacker to access any file on the server, including database credentials, API keys, configuration files, etc., to obtain system permissions and sensitive information. | |
| Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |