Arbitrary File Download Vulnerability in RuoYi v4.7.6 and Below

Arbitrary File Download Vulnerability in RuoYi v4.7.6 and Below

CVE-2023-27025 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An arbitrary file download vulnerability in the background management module of RuoYi v4.7.6 and below allows attackers to download arbitrary files in the server.

Learn more about our Cis Benchmark Audit For Server Software.