Lucene search

@huntr_aiCVELIST:CVE-2024-3029

HistoryApr 16, 2024 - 12:00 a.m.

CVE-2024-3029 Improper Input Validation in mintplex-labs/anything-llm

2024-04-1600:00:14

CWE-20

@huntr_ai

www.cve.org

input validation

improper input

json payload

catch block

unauthorized access

admin user creation

vulnerability

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

Percentile

9.0%

JSON

In mintplex-labs/anything-llm, an attacker can exploit improper input validation by sending a malformed JSON payload to the ‘/system/enable-multi-user’ endpoint. This triggers an error that is caught by a catch block, which in turn deletes all users and disables the ‘multi_user_mode’. The vulnerability allows an attacker to remove all existing users and potentially create a new admin user without requiring a password, leading to unauthorized access and control over the application.

CNA Affected

[
  {
    "vendor": "mintplex-labs",
    "product": "mintplex-labs/anything-llm",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "1.0.0",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/mintplex-labs/anything-llm/commit/99cfee1e7025fe9a0919a4d506ba1e1b819f6073

huntr.com/bounties/7189a7a0-9830-459d-b853-bdc2559999a0

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2024-3029