CVE-2025-66908

MEDIUM

Turms AI-Serving < 0.10.0-SNAPSHOT - Unrestricted File Upload via OCR Image Upload

Title source: llm

Description

Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an improper file type validation vulnerability in the OCR image upload functionality. The OcrController in turms-ai-serving/src/main/java/im/turms/ai/domain/ocr/controller/OcrController.java uses the @FormData(contentType = MediaTypeConst.IMAGE) annotation to restrict uploads to image files, but this constraint is not properly enforced. The system relies solely on client-provided Content-Type headers and file extensions without validating actual file content using magic bytes (file signatures). An attacker can upload arbitrary file types including executables, scripts, HTML, or web shells by setting the Content-Type header to "image/*" or using an image file extension. This bypass enables potential server-side code execution, stored XSS, or information disclosure depending on how uploaded files are processed and served.

References (3)

Core 3

Core References

Product

https://github.com/turms-im/turms

Exploit, Third Party Advisory

https://github.com/Xzzz111/public_cve_report/blob/main/CVE-2025-66908_report.md

View Exploit ZIP pw:eip

Product

https://github.com/turms-im/turms/blob/develop/turms-ai-serving/src/main/java/im/turms/ai/domain/ocr/controller/OcrController.java

Scores

CVSS v3 5.3

EPSS 0.0037

EPSS Percentile 28.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-434

Status published

Products (1)

turms-im/turms 0.10.0-snapshot

Published Dec 19, 2025

Tracked Since Feb 18, 2026