Lollms Web Ui
CVE-2024-2361
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Primary rating from Vendor (huntr) · only source for this CVE.
CVSS VectorVendor: huntr
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
A vulnerability in the parisneo/lollms-webui allows for arbitrary file upload and read due to insufficient sanitization of user-supplied input. Specifically, the issue resides in the install_model() function within lollms_core/lollms/binding.py, where the application fails to properly sanitize the file:// protocol and other inputs, leading to arbitrary read and upload capabilities. Attackers can exploit this vulnerability by manipulating the path and variant_name parameters to achieve path traversal, allowing for the reading of arbitrary files and uploading files to arbitrary locations on the server. This vulnerability affects the latest version of parisneo/lollms-webui.
AnalysisAI
A vulnerability in the parisneo/lollms-webui allows for arbitrary file upload and read due to insufficient sanitization of user-supplied input. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-29. A vulnerability in the parisneo/lollms-webui allows for arbitrary file upload and read due to insufficient sanitization of user-supplied input. Specifically, the issue resides in the install_model() function within lollms_core/lollms/binding.py, where the application fails to properly sanitize the file:// protocol and other inputs, leading to arbitrary read and upload capabilities. Attackers can exploit this vulnerability by manipulating the path and variant_name parameters to achieve path traversal, allowing for the reading of arbitrary files and uploading files to arbitrary locations on the server. This vulnerability affects the latest version of parisneo/lollms-webui. Affected products include: Lollms Lollms Web Ui.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Lollms Web Ui
View allA path traversal vulnerability exists in the `install` and `uninstall` API endpoints of parisneo/lollms-webui version V1
A remote code execution (RCE) vulnerability exists in the '/install_extension' endpoint of the parisneo/lollms-webui app
A path traversal vulnerability exists in the 'cyber_security/codeguard' native personality of the parisneo/lollms-webui,
A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui application, specifically w
parisneo/lollms-webui is vulnerable to path traversal attacks that can lead to remote code execution due to insufficient
A vulnerability in the parisneo/lollms-webui version 9.3 allows attackers to bypass intended access restrictions and exe
A Server-Side Request Forgery (SSRF) vulnerability exists in the 'add_webpage' endpoint of the parisneo/lollms-webui app
A vulnerability in parisneo/lollms-webui versions up to 9.3 allows remote attackers to execute arbitrary code. Rated cri
A path traversal vulnerability in the '/apply_settings' endpoint of parisneo/lollms-webui allows attackers to execute ar
An OS Command Injection vulnerability exists in the '/open_code_folder' endpoint of the parisneo/lollms-webui applicatio
The parisneo/lollms-webui repository is susceptible to a path traversal vulnerability due to inadequate validation of us
A Local File Inclusion (LFI) vulnerability exists in the parisneo/lollms-webui application, specifically within the `/pe
Same weakness CWE-29 – Path Traversal: '\\..\\filename'
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today