Lucene search

@huntr_aiVULNRICHMENT:CVE-2024-4841

HistoryJun 23, 2024 - 2:33 p.m.

CVE-2024-4841 Path Traversal in parisneo/lollms-webui

2024-06-2314:33:33

CWE-29

@huntr_ai

github.com

path traversal

parisneo/lollms-webui

input sanitization

http requests

endpoint

vulnerability

version v9.6

exploiting vulnerability

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

6.8

Confidence

High

SSVC

Exploitation

poc

Automatable

Technical Impact

partial

JSON

A Path Traversal vulnerability exists in the parisneo/lollms-webui, specifically within the ‘add_reference_to_local_mode’ function due to the lack of input sanitization. This vulnerability affects versions v9.6 to the latest. By exploiting this vulnerability, an attacker can predict the folders, subfolders, and files present on the victim’s computer. The vulnerability is present in the way the application handles the ‘path’ parameter in HTTP requests to the ‘/add_reference_to_local_model’ endpoint.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:parisneo:lollms-webui:9.6:*:*:*:*:*:*:*"
    ],
    "vendor": "parisneo",
    "product": "lollms-webui",
    "versions": [
      {
        "status": "affected",
        "version": "9.6",
        "versionType": "custom",
        "lessThanOrEqual": "*"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

huntr.com/bounties/740dda3e-7104-4ccf-9ac4-8870e4d6d602

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

6.8

Confidence

High

SSVC

Exploitation

poc

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2024-4841