← Back

CVE-2024-12450

nvd nist
Published: Mar 20, 2025Modified: Apr 4, 2025

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

In infiniflow/ragflow versions 0.12.0, the `web_crawl` function in `document_app.py` contains multiple vulnerabilities. The function does not filter URL parameters, allowing attackers to exploit Full Read SSRF by accessing internal network addresses and viewing their content through the generated PDF files. Additionally, the lack of restrictions on the file protocol enables Arbitrary File Read, allowing attackers to read server files. Furthermore, the use of an outdated Chromium headless version with --no-sandbox mode enabled makes the application susceptible to Remote Code Execution (RCE) via known Chromium v8 vulnerabilities. These issues are resolved in version 0.14.0.

Affected (1)

Products: Infiniflow: Ragflow
Infiniflow
1 product
Ragflow
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Ragflow
Version 0.12.0

Related CWEs

CWE-918
Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (3)

Source: security@huntr.dev
Patch
Source: security@huntr.dev
Exploit
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Exploit

Timeline

No history available yet.