GitHub Advisory Database: GHSA-8MRM-R7H3-C3HJ
History: Jul 20, 2024 - 6:30 a.m.

LoLLMS vulnerable to Expected Behavior Violation

Published: 2024-07-20 06:30:35
CWE-440
Source: GitHub Advisory Database (github.com)
Tags: lollms, path traversal, apply_settings, security vulnerability, parisneo/lollms, sanitize_path, discussion_db_name, system folders, software

CVSS3: 7.3
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: HIGH
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
AI Score: 6.7
Confidence: High

A path traversal vulnerability exists in the apply_settings function of parisneo/lollms versions prior to 9.5.1. The sanitize_path function does not adequately secure the discussion_db_name parameter, allowing attackers to manipulate the path and potentially write to important system folders.
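The description above gives the root cause: sanitize_path did not constrain where discussion_db_name could resolve, so a crafted value could reach directories outside the one the database is meant to live in. The block below is an added illustration, not code from parisneo/lollms (the project's actual sanitize_path and apply_settings are not reproduced here), of the resolve-and-contain pattern a defender would expect such a check to implement: an allow-list on the bare name, then a filesystem-level check that the resolved path is still inside the intended base directory. The "databases" directory, the sample names and the check_names/demo helpers are constructed for the demonstration.

```python
"""Hypothetical hardened check for a user-supplied database file name.

Added illustration, not code from parisneo/lollms. It shows the
resolve-and-contain pattern that keeps a value such as
discussion_db_name from escaping its intended directory.
"""
import re
import tempfile
from pathlib import Path

# Constructed allow-list: a bare file name of safe characters only.
# Leading "." (and therefore "..") and any path separator are excluded.
_SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,127}")


def safe_db_path(base_dir: Path, db_name: str) -> Path:
    """Return base_dir/<db_name>, or raise ValueError if it would leave base_dir.

    Two independent layers: a string allow-list (rejects traversal
    components, separators and absolute paths) and a resolved-path
    containment check (rejects names that pass the allow-list but
    resolve elsewhere, e.g. through a symlink inside base_dir).
    """
    if not _SAFE_NAME.fullmatch(db_name):
        raise ValueError(f"rejected db name: {db_name!r}")
    base = base_dir.resolve(strict=True)
    candidate = (base / db_name).resolve()
    # relative_to raises ValueError when candidate is not under base,
    # which is exactly the condition we want to surface.
    candidate.relative_to(base)
    return candidate


def check_names(base_dir: Path, names) -> dict:
    """Map each candidate name to 'ok' or 'rejected' without raising."""
    result = {}
    for name in names:
        try:
            safe_db_path(base_dir, name)
            result[name] = "ok"
        except ValueError:
            result[name] = "rejected"
    return result


def demo() -> dict:
    """Run the check over constructed inputs in a throwaway directory."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / "databases"
        base.mkdir()
        # A name that looks harmless to a string filter but resolves
        # outside base_dir via a symlink (constructed for the demo).
        (base / "escape.db").symlink_to(Path(tmp))
        names = [
            "discussions.db",       # ordinary file name: accepted
            "../settings.yaml",     # traversal component: rejected
            "/etc/passwd",          # absolute path: rejected
            "sub/discussions.db",   # separator, no sub-directories allowed
            "escape.db",            # symlink pointing out of base_dir
        ]
        return check_names(base, names)


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{verdict:8s} {name}")
```

The point of the second layer is that string filtering alone cannot see the filesystem: "escape.db" passes the allow-list, yet resolving it shows it lands outside the base directory, and only the containment check catches that. Logging the rejected value at the point of rejection also gives a cheap detection signal for attempts against a settings endpoint.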

Affected configurations

Vulners node: lollms / lollms, range <9.5.1
Vendor: lollms
Product: lollms
Version: *
CPE: cpe:2.3:a:lollms:lollms:*:*:*:*:*:*:*:*

