CNNVD-202507-647 Information
Jul 07, 2025
cve
CNNVD ID
CNNVD-202507-647
Related CVE
- CNNVD Published: 2025-07-07
Description (Chinese)
rowboat是RowBoat Labs开源的一个人工智能驱动的多智能体构建器。 rowboat存在访问控制错误漏洞,该漏洞源于文件apps/rowboat/app/api/uploads/[fileId]/route.ts中缺少身份验证。
Description (English)
Rowboat is an artificially intelligent multi-intelligence builder of RowBoat Labs open source. There is a bug in access control in rowboat, which stems from the lack of identification in document Apps/rowboat/app/api/uploads/[fileId]/route.ts.
Hazard Level
Medium
Vulnerability Type
访问控制错误
Affected Vendor
RowBoat Labs
Published
2025-07-07
Last Modified
2026-02-24
References
https://github.com/rowboatlabs/rowboat/issues/166#issuecomment-2995195594 https://vuldb.com/?submit.604899 https://vuldb.com/?ctiid.315026 https://vuldb.com/?id.315026 https://access.redhat.com/security/cve/cve-2025-7115
Share on: