CVE-2025-3202

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-3202
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-3202.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-3202
Published
2025-04-04T03:15:13.997Z
Modified
2026-04-12T15:38:13.816506Z
Severity
  • 9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
Summary
[none]
Details

A vulnerability classified as critical has been found in ageerle ruoyi-ai up to 2.0.0. Affected is an unknown function of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysNoticeController.java. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.1 is able to address this issue. The name of the patch is 6382e177bf90cc56ff70521842409e35c50df32d. It is recommended to upgrade the affected component.

References

Affected packages

Git / github.com/ageerle/ruoyi-ai

Affected ranges

Type
GIT
Repo
https://github.com/ageerle/ruoyi-ai
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
6382e177bf90cc56ff70521842409e35c50df32d
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.0.1"
        }
    ]
}

Database specific

vanir_signatures_modified 
"2026-04-12T15:38:13Z"
vanir_signatures 
[
    {
        "id": "CVE-2025-3202-7c610e54",
        "target": {
            "file": "ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysNoticeController.java"
        },
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "283546586693771569642354098009633013813",
                "235358149465883840531758308628939771750",
                "277121855913105872701497894733373211273",
                "160398779371343553221005021871176189224",
                "189491751992891881654870343992507600630",
                "259551517183874887658502738804595811340"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://github.com/ageerle/ruoyi-ai/commit/6382e177bf90cc56ff70521842409e35c50df32d",
        "signature_version": "v1"
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-3202.json"