CVE-2025-3199

7.3 HIGH

📋 TL;DR

This CVE describes an improper authorization vulnerability in the ruoyi-ai software up to version 2.0.1. Attackers can remotely exploit this flaw to access API interfaces without proper authentication, potentially leading to unauthorized data access or system manipulation. Organizations using ruoyi-ai versions 2.0.1 or earlier are affected.

💻 Affected Systems

Products:
  • ageerle ruoyi-ai
Versions: up to 2.0.1
Operating Systems: All platforms running Java
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the API interface component specifically in SysModelController.java. Any deployment with the vulnerable code is affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise allowing attackers to access, modify, or delete sensitive data, execute arbitrary commands, or take full control of the application.

🟠 Likely Case

Unauthorized access to sensitive API endpoints leading to data exfiltration, privilege escalation, or manipulation of system configurations.

🟢 If Mitigated

Limited impact with proper network segmentation, API gateway controls, and monitoring in place to detect and block unauthorized access attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly disclosed in GitHub repositories. The vulnerability allows remote exploitation without authentication, making it easy to weaponize.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.0.2

Vendor Advisory: https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.2

Restart Required: Yes

Instructions:

1. Back up the current installation.
2. Download version 2.0.2 from the official GitHub releases.
3. Replace the vulnerable SysModelController.java file with the patched version.
4. Restart the application server.
5. Verify that the patch commit c0daf641fb25b244591b7a6c3affa35c69d321fe is applied.

🔧 Temporary Workarounds

Network Access Control
Applies to: all

Restrict network access to the ruoyi-ai API endpoints using firewall rules or an API gateway.

Authentication Proxy
Applies to: all

Place the application behind a reverse proxy that enforces authentication before requests reach the vulnerable endpoint.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate the vulnerable system from untrusted networks.
  • Deploy a Web Application Firewall (WAF) with rules to detect and block unauthorized API access patterns.

🔍 How to Verify

Check if Vulnerable:

Check the version of ruoyi-ai. If it's 2.0.1 or earlier, examine the SysModelController.java file for missing authorization checks.

Check Version:

Check the application's version configuration file or build properties, typically in pom.xml for Maven projects or build.gradle for Gradle.

Verify Fix Applied:

Verify the application version is 2.0.2 or later, and confirm the patch commit c0daf641fb25b244591b7a6c3affa35c69d321fe is present in the codebase.
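The version check above is easy to get wrong with a plain string comparison ("2.0.10" sorts before "2.0.2" lexicographically). The following added example, which is not part of this advisory or of the ruoyi-ai project, reads the `<version>` element from a Maven pom.xml (namespace-aware, since real POMs declare the Maven namespace) and compares it numerically against the fixed version 2.0.2. The pom.xml content is constructed for the example; a `-SNAPSHOT` qualifier is stripped, so snapshot builds should additionally be confirmed by checking for the patch commit as the advisory describes.

```python
"""Check a Maven pom.xml version against the fixed ruoyi-ai release (2.0.2).

Added example for this advisory; not code from the ruoyi-ai project.
"""
import xml.etree.ElementTree as ET

FIXED_VERSION = (2, 0, 2)  # first release containing the fix, per the advisory
MAVEN_NS = {"m": "http://maven.apache.org/POM/4.0.0"}

# Constructed sample pom.xml (not the project's real POM).
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <groupId>org.example</groupId>
  <artifactId>ruoyi-ai</artifactId>
  <version>2.0.1</version>
</project>
"""


def parse_version(version_str):
    """'2.0.10' -> (2, 0, 10); qualifiers such as '-SNAPSHOT' are dropped."""
    core = version_str.strip().split("-")[0]
    return tuple(int(part) for part in core.split("."))


def pom_version(xml_text):
    """Return the <version> text of the top-level <project> element."""
    root = ET.fromstring(xml_text)
    element = root.find("m:version", MAVEN_NS)
    if element is None:
        # POM written without the Maven namespace declaration
        element = root.find("version")
    if element is None or not element.text:
        raise ValueError("no <version> element found in pom.xml")
    return element.text.strip()


def is_vulnerable(version_str):
    """True when the version is older than the fixed release 2.0.2."""
    return parse_version(version_str) < FIXED_VERSION


if __name__ == "__main__":
    found = pom_version(SAMPLE_POM)
    state = "VULNERABLE" if is_vulnerable(found) else "fixed"
    print(f"ruoyi-ai version {found}: {state}")
```

Run it against the real pom.xml by reading the file into `pom_version`; for Gradle builds, apply `parse_version` to the version string from build.gradle instead.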

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to /system/model/* endpoints
  • HTTP 403 errors followed by successful 200 responses from the same IP

Network Indicators:

  • Unusual API request patterns to model-related endpoints
  • Requests bypassing authentication headers

SIEM Query:

source="ruoyi-ai" AND (uri="/system/model/*" AND NOT auth_token=*)
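The two log indicators and the SIEM query above can be checked offline against exported access logs. The following added example, which is not part of this advisory, implements both: requests to `/system/model/*` that carry no auth token (the SIEM query), and an IP that received a 403 on the model API and later a 200 on it. The log format and the sample lines are constructed for the example (space-separated: timestamp, client IP, method, path, status, and `-` when no token was presented); adapt `LINE_RE` to your server's real access-log format.

```python
"""Detection logic for the CVE-2025-3199 log indicators (added example)."""
import re
from dataclasses import dataclass

# Constructed sample access-log lines in a hypothetical format:
# timestamp client_ip method path status auth ("-" = no token presented)
SAMPLE_LOG = """\
2025-04-05T10:00:01Z 198.51.100.7 GET /system/model/list 200 token
2025-04-05T10:00:02Z 203.0.113.5 GET /system/model/list 403 -
2025-04-05T10:00:03Z 203.0.113.5 GET /system/model/list 200 -
2025-04-05T10:00:04Z 203.0.113.5 POST /system/model/edit 200 -
2025-04-05T10:00:05Z 192.0.2.9 GET /system/user/profile 200 token
2025-04-05T10:00:06Z 192.0.2.9 GET /system/model/1 200 -
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d{3}) (\S+)$")
MODEL_PREFIX = "/system/model/"  # endpoint family named in the advisory


@dataclass
class Event:
    ts: str
    ip: str
    method: str
    path: str
    status: int
    auth: str  # "-" when the request carried no auth token


def parse_log(text):
    """Parse log lines into Event objects, skipping lines that do not match."""
    events = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if match:
            ts, ip, method, path, status, auth = match.groups()
            events.append(Event(ts, ip, method, path, int(status), auth))
    return events


def unauthenticated_model_requests(events):
    """Indicator 1 / SIEM query: any /system/model/* request with no token."""
    return [e for e in events if e.path.startswith(MODEL_PREFIX) and e.auth == "-"]


def likely_exploitation(events):
    """Strongest signal: token-less model requests that still got HTTP 200."""
    return [e for e in unauthenticated_model_requests(events) if e.status == 200]


def forbidden_then_success(events):
    """Indicator 2: IPs that got a 403 on the model API and later a 200 on it."""
    seen_403 = set()
    hits = []
    for e in events:
        if not e.path.startswith(MODEL_PREFIX):
            continue
        if e.status == 403:
            seen_403.add(e.ip)
        elif e.status == 200 and e.ip in seen_403:
            hits.append(e)
    return hits


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    for e in likely_exploitation(evs):
        print(f"token-less 200 on model API: {e.ip} {e.method} {e.path} at {e.ts}")
    for e in forbidden_then_success(evs):
        print(f"403 then 200 from same IP on model API: {e.ip} {e.path} at {e.ts}")
```

A token-less request that receives 200 on the model API is the indicator to alert on first; a 403 followed by a 200 from the same source is a weaker signal that also fires on legitimate users who log in after a failed attempt, so correlate it with the first before escalating.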
