Lucene search

GoogleOSV:GHSA-M45C-V46H-C788

HistoryJun 27, 2024 - 9:32 p.m.

lollms path traversal vulnerability allows overriding of config.yaml file, leading to RCE

2024-06-2721:32:08

Google

osv.dev

lollms

path traversal

vulnerability

config.yaml

rce

set_personality_config

parisneo

7.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

10.6%

JSON

A path traversal vulnerability in the /set_personality_config endpoint of parisneo/lollms version 9.4.0 allows an attacker to overwrite the configs/config.yaml file. This can lead to remote code execution by changing server configuration properties such as force_accept_remote_access and turn_on_code_validation.

CPENameOperatorVersion
lollmseq1.1.16
lollmseq2.0.16
lollmseq5.9.2
lollmseq1.2.1
lollmseq5.1.1
lollmseq1.1.61
lollmseq4.1.0
lollmseq1.1.55
lollmseq5.8.2
lollmseq2.1.50

Name	Operator	Version
lollms	eq	1.1.16
lollms	eq	2.0.16
lollms	eq	5.9.2
lollms	eq	1.2.1
lollms	eq	5.1.1
lollms	eq	1.1.61
lollms	eq	4.1.0
lollms	eq	1.1.55
lollms	eq	5.8.2
lollms	eq	2.1.50

Rows per page:

1-10 of 2631

References

github.com/parisneo/lollms

github.com/parisneo/lollms/commit/eda3af5f5c4ea9b2f3569f72f8d05989e29367fc

huntr.com/bounties/9ceb7cf9-a7cd-4699-b3f8-d0999d2b49fd

nvd.nist.gov/vuln/detail/CVE-2024-5824

7.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

10.6%

JSON

Related for OSV:GHSA-M45C-V46H-C788