CVE-2025-9805 | SimStudioAI sim up to 51b1e97fa22c48d144aef75f8ca31a74ad2cfed2 route.ts server-side request forgery (Issue 1128)

A vulnerability, which was classified as critical, was found in SimStudioAI sim up to 51b1e97fa22c48d144aef75f8ca31a74ad2cfed2. This issue affects some unknown processing of the file apps/sim/app/api/proxy/image/route.ts. The manipulation results in server-side request forgery.

This vulnerability was named CVE-2025-9805. The attack may be performed from remote. In addition, an exploit is available.

This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. Applying a patch is advised to resolve this issue.

CVE-2025-9805 | SimStudioAI sim up to 51b1e97fa22c48d144aef75f8ca31a74ad2cfed2 route.ts server-side request forgery (Issue 1128)

Post correlati

CVE-2020-12612 | BeyondTrust Privilege Management up to 5.6 on Windows Environment Variable Local Privilege Escalation

CVE-2023-5629 | Schneider Electric Trio Q-Series Ethernet Data Radio redirect (SEVD-2023-346-01)

CVE-2024-46946 | langchain_experimental up to 0.3.0 sympy.sympify Privilege Escalation

CVE-2025-30279 | QNAP File Station 5.5.6.4847 certificate validation (qsa-25-16)