VDB-303688 · CVE-2025-3410 · GCVE-100-303688

mymagicpower AIAS 20250308 LocalStorageController.java Datoteke Eskalacija privilegija

Pronađena je ranjivost klasifikovana kao Kritične u mymagicpower AIAS 20250308. Zahvaćeno je nepoznata funkcija u fajlu training_platform/train-platform/src/main/java/top/aias/training/controller/LocalStorageController.java. Izmena argumenta Datoteke rezultira Eskalacija privilegija. Korišćenje CWE za deklarisanje problema vodi do CWE-434. Ova slabost je objavljena 04/07/2025. Obaveštenje je dostupno za preuzimanje na github.com. Ova ranjivost je označena kao CVE-2025-3410. Moguće je pokrenuti napad na daljinu. Napad mora biti izveden unutar lokalne mreže. Tehnički detalji su dostupni. Поред тога, експлоит је доступан. Eksploatacija je otkrivena javnosti i može biti iskorišćena. Trenutno je cena za eksploataciju približno USD $0-$5k u ovom momentu. MITRE ATT&CK projekat deklariše tehniku napada kao T1608.002. Označeno je kao dokaz-of-koncept. Eksploat je dostupan za preuzimanje na github.com. Kao 0-day, procenjena cena na crnom tržištu bila je oko $0-$5k. Once again VulDB remains the best source for vulnerability data.

2 Promene · 97 Tačke podataka

Polje	Kreirali 04/07/2025 13:09	Ažurira 1/1 09/04/2025 18:00
software_vendor	mymagicpower	mymagicpower
software_name	AIAS	AIAS
software_version	20250308	20250308
software_file	training_platform/train-platform/src/main/java/top/aias/training/controller/LocalStorageController.java	training_platform/train-platform/src/main/java/top/aias/training/controller/LocalStorageController.java
software_argument	file	file
vulnerability_cwe	CWE-434 (Eskalacija privilegija)	CWE-434 (Eskalacija privilegija)
vulnerability_risk	2	2
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	L	L
cvss3_vuldb_ui	N	N
cvss3_vuldb_s	U	U
cvss3_vuldb_c	L	L
cvss3_vuldb_i	L	L
cvss3_vuldb_a	L	L
cvss3_vuldb_e	P	P
cvss3_vuldb_rc	R	R
advisory_url	https://github.com/Tr0e/CVE_Hunter/blob/main/AIAS/AIAS_RCE.md	https://github.com/Tr0e/CVE_Hunter/blob/main/AIAS/AIAS_RCE.md
exploit_availability	1	1
exploit_publicity	1	1
exploit_url	https://github.com/Tr0e/CVE_Hunter/blob/main/AIAS/AIAS_RCE.md	https://github.com/Tr0e/CVE_Hunter/blob/main/AIAS/AIAS_RCE.md
source_cve	CVE-2025-3410	CVE-2025-3410
cna_responsible	VulDB	VulDB
response_summary	The vendor was contacted early about this disclosure but did not respond in any way.	The vendor was contacted early about this disclosure but did not respond in any way.
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	L	L
cvss2_vuldb_ci	P	P
cvss2_vuldb_ii	P	P
cvss2_vuldb_ai	P	P
cvss2_vuldb_e	POC	POC
cvss2_vuldb_rc	UR	UR
cvss4_vuldb_av	N	N
cvss4_vuldb_ac	L	L
cvss4_vuldb_ui	N	N
cvss4_vuldb_vc	L	L
cvss4_vuldb_vi	L	L
cvss4_vuldb_va	L	L
cvss4_vuldb_e	P	P
cvss2_vuldb_au	S	S
cvss2_vuldb_rl	ND	ND
cvss3_vuldb_pr	L	L
cvss3_vuldb_rl	X	X
cvss4_vuldb_at	N	N
cvss4_vuldb_pr	L	L
cvss4_vuldb_sc	N	N
cvss4_vuldb_si	N	N
cvss4_vuldb_sa	N	N
cvss2_vuldb_basescore	6.5	6.5
cvss2_vuldb_tempscore	5.6	5.6
cvss3_vuldb_basescore	6.3	6.3
cvss3_vuldb_tempscore	5.7	5.7
cvss3_meta_basescore	6.3	7.1
cvss3_meta_tempscore	5.7	6.9
cvss4_vuldb_bscore	5.3	5.3
cvss4_vuldb_btscore	2.1	2.1
advisory_date	1743976800 (04/07/2025)	1743976800 (04/07/2025)
price_0day	$0-$5k	$0-$5k
cve_nvd_summary		A vulnerability classified as critical was found in mymagicpower AIAS 20250308. This vulnerability affects unknown code of the file training_platform/train-platform/src/main/java/top/aias/training/controller/LocalStorageController.java. The manipulation of the argument File leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
cve_nvd_summaryes		Se encontró una vulnerabilidad clasificada como crítica en mymagicpower AIAS 20250308. Esta vulnerabilidad afecta al código desconocido del archivo training_platform/train-platform/src/main/java/top/aias/training/controller/LocalStorageController.java. La manipulación del argumento "File" permite la carga sin restricciones. El ataque puede iniciarse remotamente. Se ha hecho público el exploit y puede que sea utilizado. Se contactó al proveedor con antelación para informarle sobre esta divulgación, pero no respondió.
cvss4_cna_av		N
cvss4_cna_ac		L
cvss4_cna_at		N
cvss4_cna_pr		L
cvss4_cna_ui		N
cvss4_cna_vc		L
cvss4_cna_vi		L
cvss4_cna_va		L
cvss4_cna_sc		N
cvss4_cna_si		N
cvss4_cna_sa		N
cvss4_cna_bscore		5.3
cvss3_cna_av		N
cvss3_cna_ac		L
cvss3_cna_pr		L
cvss3_cna_ui		N
cvss3_cna_s		U
cvss3_cna_c		L
cvss3_cna_i		L
cvss3_cna_a		L
cvss3_cna_basescore		6.3
cvss3_nvd_av		N
cvss3_nvd_ac		L
cvss3_nvd_pr		L
cvss3_nvd_ui		N
cvss3_nvd_s		U
cvss3_nvd_c		H
cvss3_nvd_i		H
cvss3_nvd_a		H
cvss3_nvd_basescore		8.8
cvss2_cna_av		N
cvss2_cna_ac		L
cvss2_cna_au		S
cvss2_cna_ci		P
cvss2_cna_ii		P
cvss2_cna_ai		P
cvss2_cna_basescore		6.5

◂ Prethodne Pregled Sledeжi ▸

Do you need the next level of professionalism?

Upgrade your account now!