Skip to main content

Aim CVE-2024-6396

CRITICAL
Path Traversal: '\\..\\filename' (CWE-29)
2024-07-12 security@huntr.dev
9.8
CVSS 3.0 · Vendor: huntr
Share

Severity by source

Vendor (huntr) PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from Vendor (huntr) · only source for this CVE.

CVSS VectorVendor: huntr

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Jul 12, 2024 - 00:15 cve.org
CRITICAL 9.8

DescriptionCVE.org

A vulnerability in the _backup_run function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the run_hash and repo.path parameters, which can be manipulated to create and write to arbitrary file paths. This can lead to denial of service by overwriting critical system files, loss of private data, and potential remote code execution.

AnalysisAI

A vulnerability in the _backup_run function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-29. A vulnerability in the _backup_run function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the run_hash and repo.path parameters, which can be manipulated to create and write to arbitrary file paths. This can lead to denial of service by overwriting critical system files, loss of private data, and potential remote code execution. Affected products include: Aimstack Aim. Version information: version 3.19.3.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Aim

View all
CVE-2024-2195 CRITICAL POC
9.8 Apr 10

A critical Remote Code Execution (RCE) vulnerability was identified in the aimhubio/aim project, specifically within the

CVE-2024-6829 CRITICAL POC
9.1 Mar 20

A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to exploit the `tarfile.extractall()` function to extr

CVE-2024-2196 HIGH POC
8.8 Apr 10

aimhubio/aim is vulnerable to Cross-Site Request Forgery (CSRF), allowing attackers to perform actions such as deleting

CVE-2021-43775 HIGH POC
8.6 Nov 23

Aim is an open-source, self-hosted machine learning experiment tracking tool. Rated high severity (CVSS 8.6), this vulne

CVE-2024-8238 HIGH POC
8.1 Mar 20

In version 3.22.0 of aimhubio/aim, the AimQL query language uses an outdated version of the safer_getattr() function fro

CVE-2024-6851 HIGH POC
7.5 Mar 20

In version 3.22.0 of aimhubio/aim, the LocalFileManager._cleanup function in the aim tracking server accepts a user-spec

CVE-2024-10110 HIGH POC
7.5 Mar 20

In version 3.23.0 of aimhubio/aim, the ScheduledStatusReporter object can be instantiated to run on the main thread of t

CVE-2025-0190 HIGH POC
7.5 Mar 20

In version 3.25.0 of aimhubio/aim, a denial of service vulnerability exists. Rated high severity (CVSS 7.5), this vulner

CVE-2024-12778 HIGH POC
7.5 Mar 20

A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service (DoS) attack. Rated high severity (CVSS 7.

CVE-2024-8061 HIGH POC
7.5 Mar 20

In version 3.23.0 of aimhubio/aim, certain methods that request data from external servers do not have set timeouts, cau

CVE-2024-6227 HIGH POC
7.5 Jul 08

A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to cause an infinite loop by configuring the remote tr

CVE-2024-8101 MEDIUM POC
6.1 Mar 20

A stored cross-site scripting (XSS) vulnerability exists in the Text Explorer component of aimhubio/aim version 3.23.0.

Share

CVE-2024-6396 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy