Zast.Ai
·
Published
2025-09-01
·
Updated
2025-09-02
·
CVE-2025-9801
5.5
Medium
| Base vector | Vector | AV:N/AC:L/Au:S/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af
Description:
A security vulnerability has been detected that allows for path traversal through manipulation of the `filePath` argument. Remote exploitation is possible, and the exploit has been publicly disclosed.
Recommendations:
Deploy patch 45372aece5e05e04b417442417416a52e90ba174.
Exploit
Fix
Path traversal