CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
9.6%
A vulnerability in the parisneo/lollms-webui version 9.3 allows attackers to bypass intended access restrictions and execute arbitrary code. The issue arises from the application’s handling of the /execute_code
endpoint, which is intended to be blocked from external access by default. However, attackers can exploit the /update_setting
endpoint, which lacks proper access control, to modify the host
configuration at runtime. By changing the host
setting to an attacker-controlled value, the restriction on the /execute_code
endpoint can be bypassed, leading to remote code execution. This vulnerability is due to improper neutralization of special elements used in an OS command (Improper Neutralization of Special Elements used in an OS Command
).