CVE-2025-28401

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published: Apr 7, 2025
Updated: Apr 9, 2025
CWE ID: 269 (Improper Privilege Management)

Summary

CVE-2025-28401 is a privilege-escalation vulnerability in RuoYi version 4.8.0. A remote attacker can manipulate the menuId parameter, which the application uses to identify and manage menu items, to bypass access controls and take on the identity and permissions of a higher-privileged user. Successful exploitation gives the attacker a foothold in the target system and can lead to unauthorized access and data compromise.

The root cause lies in how the RuoYi application handles the menuId parameter (CWE-269, improper privilege management). Organizations running the affected version should upgrade to a release of RuoYi that includes the fix as soon as possible.
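As an added, constructed illustration of the weakness class this record names (CWE-269), and not RuoYi's own code or a description of its patch, the following Python models a menu-permission assignment handler in two forms: one that trusts the client-supplied menuId list as-is, and one that verifies server-side that the caller may edit assignments and holds every menu it is trying to grant. It also runs a small check over constructed audit records to flag grants that exceed the caller's own rights. All user names, menu ids, permission strings and audit records are assumptions.

```python
"""Constructed model of an improper-privilege-management bug on a menuId
parameter. Hypothetical; not RuoYi's code and not its actual fix."""

from dataclasses import dataclass, field

# Constructed menu table: menuId -> (display name, permission string).
MENUS = {
    1: ("System", "system:view"),
    2: ("User management", "system:user:list"),
    3: ("Role management", "system:role:list"),
    4: ("Menu management", "system:menu:edit"),
    5: ("Monitoring", "monitor:view"),
}
MENU_EDIT_ID = 4  # assumed id of the menu that permits editing assignments


@dataclass
class User:
    name: str
    menu_ids: set[int] = field(default_factory=set)


class AuthorizationError(Exception):
    pass


def effective_permissions(user: User) -> set[str]:
    """Permission strings a user holds through its assigned menus."""
    return {MENUS[m][1] for m in user.menu_ids if m in MENUS}


def grant_menus_vulnerable(caller: User, target: User, menu_ids: list[int]) -> set[int]:
    """Weak form: only validates that the ids exist. The caller's own rights
    are never consulted, so any authenticated account can attach any menu,
    including the menu-management menu, to any user (itself included)."""
    for mid in menu_ids:
        if mid not in MENUS:
            raise ValueError(f"unknown menuId {mid}")
    target.menu_ids |= set(menu_ids)
    return target.menu_ids


def grant_menus_hardened(caller: User, target: User, menu_ids: list[int]) -> set[int]:
    """Hardened form: the caller must hold the menu-management menu and may
    only delegate menus it already holds. The whole request is rejected
    rather than silently trimmed, so a tampered menuId is visible as an error."""
    if MENU_EDIT_ID not in caller.menu_ids:
        raise AuthorizationError(f"{caller.name} may not edit menu assignments")
    requested = set(menu_ids)
    unknown = requested - set(MENUS)
    if unknown:
        raise ValueError(f"unknown menuId(s) {sorted(unknown)}")
    out_of_scope = requested - caller.menu_ids
    if out_of_scope:
        raise AuthorizationError(
            f"{caller.name} tried to grant menus it does not hold: {sorted(out_of_scope)}"
        )
    target.menu_ids |= requested
    return target.menu_ids


# Constructed audit records: what the caller held when it granted menus.
AUDIT_LOG = [
    {"caller": "ops", "caller_menus": [5], "granted": [4], "target": "ops"},
    {"caller": "admin", "caller_menus": [1, 2, 3, 4, 5], "granted": [2], "target": "ops"},
]


def flag_suspicious_grants(records: list[dict]) -> list[dict]:
    """Detection over audit records: a grant of menus the caller did not hold
    at the time is the signature of a menuId-based escalation."""
    return [r for r in records if set(r["granted"]) - set(r["caller_menus"])]


if __name__ == "__main__":
    ops = User("ops", {5})
    print("vulnerable:", grant_menus_vulnerable(ops, ops, [MENU_EDIT_ID]))
    print("permissions now:", sorted(effective_permissions(ops)))
    ops = User("ops", {5})
    try:
        grant_menus_hardened(ops, ops, [MENU_EDIT_ID])
    except AuthorizationError as exc:
        print("hardened:", exc)
    print("flagged:", [r["caller"] for r in flag_suspicious_grants(AUDIT_LOG)])
```

The hardened handler fails closed on two independent conditions (the caller's right to edit assignments, and the caller's scope over each requested id), and the audit check reconstructs the same scope comparison after the fact, which is what a detection rule for this bug class needs regardless of the framework.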
