SimStudioAI sim ଯେପର୍ଯ୍ୟନ୍ତ 1.0.0 route.ts filePath ବିସ୍ତାରିତ ଅଧିକାର

ଏଣ୍ଟ୍ରିଇତିହାସମିଶ୍ରଣ କରନ୍ତୁjsonxmlCTI

Rakkoon nageenyaa kan ଜଟିଳ jedhamuun beekamu SimStudioAI sim ଯେପର୍ଯ୍ୟନ୍ତ 1.0.0 keessatti argameera. Miidhamni argame is hojii hin beekamne faayilii apps/sim/app/api/files/parse/route.ts keessa. Wanti jijjiirame irratti filePath gara ବିସ୍ତାରିତ ଅଧିକାର geessa. Rakkoo ibsuuf CWE yoo fayyadamte gara CWE-918 si geessa. Odeeffannoon kun yeroo 09/08/2025 maxxanfameera akka 960. Odeeffannoon kun buufachuuf github.com irratti argama. Dogoggorri kun CVE-2025-10096 jedhamee waamama. Weerara fageenya irraa jalqabuu ni danda'ama. Ibsa teeknikaa ni jira. Waan dabalataa ta’een, meeshaa balaa kana fayyadamuuf ni jira. Qorannoo miidhaa (exploit) uummataaf ifa taasifameera, kanaafis fayyadamuu ni danda'ama. Ammas, gatii exploit might be approx. USD $0-$5k yeroo ammaa irratti argamuu danda'a. ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ ta’uu isaa ibsameera. Exploit github.com irraa buufachuun ni danda'ama. Akka 0-daytti, gatiin isaa daldala dhoksaa keessatti $0-$5k akka ta'e tilmaamameera. Idaantifayarii paachii 3424a338b763115f0269b209e777608e4cd31785 dha. Sirreeffamni rakkoo github.com irratti buufachuuf qophaa’eera. Paachii itti fayyadamuun rakkoo kana furuuf ni gorfama. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

3 ଆଡାପ୍ଟେସନ୍ · 101 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 09/08/2025 11:59 AM	ଅଦ୍ୟତନ 1/2 09/09/2025 04:38 AM	ଅଦ୍ୟତନ 2/2 11/15/2025 08:13 AM
software_vendor	SimStudioAI	SimStudioAI	SimStudioAI
software_name	sim	sim	sim
software_version	<=1.0.0	<=1.0.0	<=1.0.0
software_file	apps/sim/app/api/files/parse/route.ts	apps/sim/app/api/files/parse/route.ts	apps/sim/app/api/files/parse/route.ts
software_argument	filePath	filePath	filePath
vulnerability_cwe	CWE-918 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-918 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-918 (ବିସ୍ତାରିତ ଅଧିକାର)
vulnerability_risk	2	2	2
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
cvss3_vuldb_e	P	P	P
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	C	C	C
advisory_identifier	960	960	960
advisory_url	https://github.com/simstudioai/sim/issues/960	https://github.com/simstudioai/sim/issues/960	https://github.com/simstudioai/sim/issues/960
advisory_confirm_url	https://github.com/simstudioai/sim/pull/1149	https://github.com/simstudioai/sim/pull/1149	https://github.com/simstudioai/sim/pull/1149
exploit_availability	1	1	1
exploit_publicity	1	1	1
exploit_url	https://github.com/simstudioai/sim/issues/960	https://github.com/simstudioai/sim/issues/960	https://github.com/simstudioai/sim/issues/960
countermeasure_name	ପ୍ୟାଚ୍	ପ୍ୟାଚ୍	ପ୍ୟାଚ୍
patch_name	3424a338b763115f0269b209e777608e4cd31785	3424a338b763115f0269b209e777608e4cd31785	3424a338b763115f0269b209e777608e4cd31785
countermeasure_patch_url	https://github.com/simstudioai/sim/commit/3424a338b763115f0269b209e777608e4cd31785	https://github.com/simstudioai/sim/commit/3424a338b763115f0269b209e777608e4cd31785	https://github.com/simstudioai/sim/commit/3424a338b763115f0269b209e777608e4cd31785
source_cve	CVE-2025-10096	CVE-2025-10096	CVE-2025-10096
cna_responsible	VulDB	VulDB	VulDB
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_e	POC	POC	POC
cvss2_vuldb_rc	C	C	C
cvss2_vuldb_rl	OF	OF	OF
cvss4_vuldb_av	N	N	N
cvss4_vuldb_ac	L	L	L
cvss4_vuldb_ui	N	N	N
cvss4_vuldb_vc	L	L	L
cvss4_vuldb_vi	L	L	L
cvss4_vuldb_va	L	L	L
cvss4_vuldb_e	P	P	P
cvss2_vuldb_au	S	S	S
cvss3_vuldb_pr	L	L	L
cvss4_vuldb_at	N	N	N
cvss4_vuldb_pr	L	L	L
cvss4_vuldb_sc	N	N	N
cvss4_vuldb_si	N	N	N
cvss4_vuldb_sa	N	N	N
cvss2_vuldb_basescore	6.5	6.5	6.5
cvss2_vuldb_tempscore	5.1	5.1	5.1
cvss3_vuldb_basescore	6.3	6.3	6.3
cvss3_vuldb_tempscore	5.7	5.7	5.7
cvss3_meta_basescore	6.3	6.3	6.4
cvss3_meta_tempscore	5.7	6.0	6.2
cvss4_vuldb_bscore	5.3	5.3	5.3
cvss4_vuldb_btscore	2.1	2.1	2.1
advisory_date	1757282400 (09/08/2025)	1757282400 (09/08/2025)	1757282400 (09/08/2025)
price_0day	$0-$5k	$0-$5k	$0-$5k
cve_nvd_summary		A vulnerability was determined in SimStudioAI sim up to 1.0.0. This affects an unknown function of the file apps/sim/app/api/files/parse/route.ts. Executing manipulation of the argument filePath can lead to server-side request forgery. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This patch is called 3424a338b763115f0269b209e777608e4cd31785. Applying a patch is advised to resolve this issue.	A vulnerability was determined in SimStudioAI sim up to 1.0.0. This affects an unknown function of the file apps/sim/app/api/files/parse/route.ts. Executing manipulation of the argument filePath can lead to server-side request forgery. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This patch is called 3424a338b763115f0269b209e777608e4cd31785. Applying a patch is advised to resolve this issue.
cvss4_cna_av		N	N
cvss4_cna_ac		L	L
cvss4_cna_at		N	N
cvss4_cna_pr		L	L
cvss4_cna_ui		N	N
cvss4_cna_vc		L	L
cvss4_cna_vi		L	L
cvss4_cna_va		L	L
cvss4_cna_sc		N	N
cvss4_cna_si		N	N
cvss4_cna_sa		N	N
cvss4_cna_bscore		5.3	5.3
cvss3_cna_av		N	N
cvss3_cna_ac		L	L
cvss3_cna_pr		L	L
cvss3_cna_ui		N	N
cvss3_cna_s		U	U
cvss3_cna_c		L	L
cvss3_cna_i		L	L
cvss3_cna_a		L	L
cvss3_cna_basescore		6.3	6.3
cvss2_cna_av		N	N
cvss2_cna_ac		L	L
cvss2_cna_au		S	S
cvss2_cna_ci		P	P
cvss2_cna_ii		P	P
cvss2_cna_ai		P	P
cvss2_cna_basescore		6.5	6.5
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			L
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			H
cvss3_nvd_i			N
cvss3_nvd_a			N
cvss3_nvd_basescore			6.5

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Interested in the pricing of exploits?

See the underground prices here!