CNNVD-202509-221 Information
CNNVD ID
CNNVD-202509-221
Related CVE
- CNNVD Published: 2025-09-02
Description (Chinese)
Sim Studio是Sim Studio开源的一个AI代理工作流构建器。 Sim Studio存在代码问题漏洞,该漏洞源于文件apps/sim/app/api/proxy/image/route.ts的错误操作导致服务器端请求伪造。
Description (English)
Sim Studio is an AI proxy workflow builder at Sim Studio Open Source. Sim Studio has a code gap, which stems from the error of document apps/sim/app/api/proxy/image/route.ts, which led to the forgery of server requests.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
SIMPLE
Published
2025-09-02
Last Modified
2026-02-24
References
https://vuldb.com/?submit.640821 https://vuldb.com/?id.322129 https://vuldb.com/?ctiid.322129 https://github.com/simstudioai/sim/issues/1128#issuecomment-3226867869 https://github.com/simstudioai/sim/issues/1128#issue-3349260976 https://github.com/simstudioai/sim/commit/3424a338b763115f0269b209e777608e4cd31785 https://access.redhat.com/security/cve/cve-2025-9805 https://nvd.nist.gov/vuln/detail/CVE-2025-9805
Share on: