Description

In infiniflow/ragflow versions 0.12.0, the `web_crawl` function in `document_app.py` contains multiple vulnerabilities. The function does not filter URL parameters, allowing attackers to exploit Full Read SSRF by accessing internal network addresses and viewing their content through the generated PDF files. Additionally, the lack of restrictions on the file protocol enables Arbitrary File Read, allowing attackers to read server files. Furthermore, the use of an outdated Chromium headless version with --no-sandbox mode enabled makes the application susceptible to Remote Code Execution (RCE) via known Chromium v8 vulnerabilities. These issues are resolved in version 0.14.0.

INFO

Published Date :

2025-03-20T10:11:05.133Z

Last Modified :

2025-04-04T08:45:39.429Z

Source :

@huntr_ai
AFFECTED PRODUCTS

The following products are affected by CVE-2024-12450 vulnerability.

Vendors Products
Infiniflow
  • Ragflow
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-12450.

URL Resource
https://github.com/infiniflow/ragflow/commit/3faae0b2c2f8a26233ee1442ba04874b3406f6e9 cve-icon cve-icon
https://huntr.com/bounties/da06360c-87c3-4ba9-be67-29f6eff9d44a cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact