Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SimStudioAI sim route.ts code injection
Vulnerability Description
A vulnerability was identified in SimStudioAI sim up to 1.0.0. This impacts an unknown function of the file apps/sim/app/api/function/execute/route.ts. The manipulation of the argument code leads to code injection. The attack is possible to be carried out remotely.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
Sim Studio 代码注入漏洞
Vulnerability Description
Sim Studio是Sim Studio开源的一个AI代理工作流构建器。 Sim Studio 1.0.0及之前版本存在代码注入漏洞,该漏洞源于对参数code的错误操作可能导致代码注入。
CVSS Information
N/A
Vulnerability Type
N/A