CRITICAL🇵🇱 Wersja polska

CVE-2025-28408

CVSS 9.8v3.1pub. 2025-04-07upd. 2025-04-09

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the selectDeptTree method of the /selectDeptTree/{deptId} endpoint does not properly validate the deptId parameter

🤖 AI Analysis
How it works

The selectDeptTree method handling the /selectDeptTree/{deptId} endpoint does not perform proper validation of the deptId parameter passed by the user. An unauthenticated remote attacker can craft an appropriate HTTP request with a manipulated deptId value, resulting in unauthorized privilege escalation in the application. The vulnerability is classified as CWE-284 (Improper Access Control), indicating a lack of access control to a sensitive resource.

Impact

An attacker can obtain elevated privileges in the system, potentially leading to complete takeover of the application, including violation of data confidentiality, integrity, and availability.

Mitigation & patch

Apply patches available from the vendor according to references. It is recommended to monitor the project repository (https://github.com/yangzongzhuan/RuoYi) for updates. Until the patch is deployed, consider restricting access to the /selectDeptTree/{deptId} endpoint at the firewall or reverse proxy level.

Who is affected

RuoYi v.4.8.0

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Ruoyi

    APP
    Ruoyi
    4.8.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
LPE
CWE
References

Related vulnerabilities

CVE-2025-70985CRITICAL9.1PL ✓ten sam produkt

RuoYi v4.8.2 — nieprawidłowa kontrola dostępu w funkcji aktualizacji

CVE-2024-57521CRITICAL10.0PL ✓ten sam produkt

SQL Injection (RCE) w RuoYi v.4.7.9 i wcześniejszych — funkcja createTable

CVE-2025-28405CRITICAL9.8PL ✓ten sam produkt

RuoYi 4.8.0 – privilege escalation przez metodę changeStatus

CVE-2025-28402CRITICAL9.8PL ✓ten sam produkt

Eskalacja uprawnień przez parametr jobId w RuoYi v.4.8.0

CVE-2025-28406CRITICAL9.8PL ✓ten sam produkt

Eskalacja uprawnień w RuoYi v.4.8.0 poprzez parametr jobLogId