Lucene search
K

4 matches found

NVD
NVD
added 2024/04/16 12:15 a.m.14 views

CVE-2024-0549

mintplex-labs/anything-llm is vulnerable to a relative path traversal attack, allowing unauthorized attackers with a default role account to delete files and folders within the filesystem, including critical database files such as 'anythingllm.db'. The vulnerability stems from insufficient input...

8.1CVSS8AI score0.00819EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/04/16 12:0 a.m.21 views

CVE-2024-0549 Relative Path Traversal in mintplex-labs/anything-llm

mintplex-labs/anything-llm is vulnerable to a relative path traversal attack, allowing unauthorized attackers with a default role account to delete files and folders within the filesystem, including critical database files such as 'anythingllm.db'. The vulnerability stems from insufficient input...

8.1CVSS6.8AI score0.00819EPSS
Exploits1References2
OSV
OSV
added 2024/04/16 12:0 a.m.21 views

CVE-2024-0549 Relative Path Traversal in mintplex-labs/anything-llm

mintplex-labs/anything-llm is vulnerable to a relative path traversal attack, allowing unauthorized attackers with a default role account to delete files and folders within the filesystem, including critical database files such as 'anythingllm.db'. The vulnerability stems from insufficient input...

8.1CVSS7.2AI score0.00819EPSS
Exploits1References4
CVE
CVE
added 2024/04/16 12:0 a.m.72 views

CVE-2024-0549

The CVE-2024-0549 entry concerns mintplex-labs/anything-llm and describes a relative path traversal in deletion requests. The root cause is insufficient input validation/normalization when handling file and folder deletion, allowing an authenticated default-role attacker to delete files (includin...

8.1CVSS7.9AI score0.00819EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder