54 matches found
CVE-2025-7114
A vulnerability was found in SimStudioAI sim up to 37786d371e17d35e0764e1b5cd519d873d90d97b. It has been declared as critical. Affected by this vulnerability is the function POST of the file apps/sim/app/api/files/upload/route.ts of the component Session Handler. The manipulation of the argument...
CVE-2025-7107
A vulnerability classified as critical has been found in SimStudioAI sim up to 0.1.17. Affected is the function handleLocalFile of the file apps/sim/app/api/files/parse/route.ts. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The...
CVE-2025-7114
A vulnerability was found in SimStudioAI sim up to 37786d371e17d35e0764e1b5cd519d873d90d97b. It has been declared as critical. Affected by this vulnerability is the function POST of the file apps/sim/app/api/files/upload/route.ts of the component Session Handler. The manipulation of the argument...
CVE-2025-7114
A vulnerability was found in SimStudioAI sim up to 37786d371e17d35e0764e1b5cd519d873d90d97b. It has been declared as critical. Affected by this vulnerability is the function POST of the file apps/sim/app/api/files/upload/route.ts of the component Session Handler. The manipulation of the argument...
CVE-2025-7114 SimStudioAI sim Session route.ts POST missing authentication
A vulnerability was found in SimStudioAI sim up to 37786d371e17d35e0764e1b5cd519d873d90d97b. It has been declared as critical. Affected by this vulnerability is the function POST of the file apps/sim/app/api/files/upload/route.ts of the component Session Handler. The manipulation of the argument...
CVE-2025-7114 SimStudioAI sim Session route.ts POST missing authentication
A vulnerability was found in SimStudioAI sim up to 37786d371e17d35e0764e1b5cd519d873d90d97b. It has been declared as critical. Affected by this vulnerability is the function POST of the file apps/sim/app/api/files/upload/route.ts of the component Session Handler. The manipulation of the argument...
CVE-2025-7114
CVE-2025-7114 targets SimStudioAI sim up to commit 37786d371e17d35e0764e1b5cd519d873d90d97b. The flaw resides in the POST handler for apps/sim/app/api/files/upload/route.ts (Session Handler), where the Request can be manipulated without authentication, enabling remote, unauthenticated access. Mul...
CVE-2025-7107
A vulnerability classified as critical has been found in SimStudioAI sim up to 0.1.17. Affected is the function handleLocalFile of the file apps/sim/app/api/files/parse/route.ts. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The...
CVE-2025-7107
A vulnerability classified as critical has been found in SimStudioAI sim up to 0.1.17. Affected is the function handleLocalFile of the file apps/sim/app/api/files/parse/route.ts. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The...
CVE-2025-7107
CVE-2025-7107 affects SimStudioAI sim ≤ 0.1.17. The vulnerability lies in the function handleLocalFile within apps/sim/app/api/files/parse/route.ts, where manipulating the argument filePath enables path traversal. This can be triggered remotely, and exploitation has been publicly disclosed. The p...
CVE-2025-7107 SimStudioAI sim route.ts handleLocalFile path traversal
A vulnerability classified as critical has been found in SimStudioAI sim up to 0.1.17. Affected is the function handleLocalFile of the file apps/sim/app/api/files/parse/route.ts. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The...
CVE-2025-7107 SimStudioAI sim route.ts handleLocalFile path traversal
A vulnerability classified as critical has been found in SimStudioAI sim up to 0.1.17. Affected is the function handleLocalFile of the file apps/sim/app/api/files/parse/route.ts. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The...
PT-2025-28131
Name of the Vulnerable Software and Affected Versions: SimStudioAI sim up to 37786d371e17d35e0764e1b5cd519d873d90d97b Description: A critical issue was found in the Session Handler component, specifically affecting the POST function of the file apps/sim/app/api/files/upload/route.ts. The...
PT-2025-28117 · Unknown · Simstudioai Sim
Name of the Vulnerable Software and Affected Versions: SimStudioAI sim versions up to 0.1.17 Description: A critical issue has been found, affecting the handleLocalFile function of the file apps/sim/app/api/files/parse/route.ts. The manipulation of the filePath argument leads to path traversal...