CNNVD-202509-024 Information

CNNVD ID

CNNVD-202509-024

Related CVE

CVE-2025-9801

• CNNVD Published: 2025-09-01

Description (Chinese)

Sim Studio是Sim Studio开源的一个AI代理工作流构建器。 Sim Studio存在路径遍历漏洞，该漏洞源于对参数filePath的错误操作导致路径遍历攻击。

Description (English)

Sim Studio is an AI proxy workflow builder at Sim Studio Open Source. Sim Studio has a loophole in its path, which results from an error in the operation of the parameter filePath, which leads to a path attack.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

SIMPLE

Published

2025-09-01

Last Modified

2026-02-24

References

https://vuldb.com/?submit.641130 https://vuldb.com/?id.322116 https://vuldb.com/?ctiid.322116 https://github.com/simstudioai/sim/issues/959#issuecomment-3221311557 https://github.com/simstudioai/sim/issues/959#issue-3320697951 https://github.com/simstudioai/sim/commit/45372aece5e05e04b417442417416a52e90ba174 https://access.redhat.com/security/cve/cve-2025-9801 https://nvd.nist.gov/vuln/detail/CVE-2025-9801