CVE-2024-1646
published 2024-04-16CVE-2024-1646: parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over sensitive endpoints. The application checks if the host…
PriorityP347high8.2CVSS 3.0
AVNACLPRNUINSUCNILAH
EPSS
0.70%
48.5th percentile
parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over sensitive endpoints. The application checks if the host parameter is not '0.0.0.0' to restrict access, which is inadequate when the application is bound to a specific interface, allowing unauthorized access to endpoints such as '/restart_program', '/update_software', '/check_update', '/start_recording', and '/stop_recording'. This vulnerability can lead to denial of service, unauthorized disabling or overriding of recordings, and potentially other impacts if certain features are enabled in the configuration.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lollms | lollms-webui | < 9.3 | 9.3 |
| parisneo | parisneo_lollms-webui | >= unspecified < 9.3 | 9.3 |
CVSS provenance
nvdv3.08.2HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-5wh4-2859-9f36: parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over sensitive endpoints
ghsa_unreviewed·2024-04-16
CVE-2024-1646 [HIGH] CWE-288 GHSA-5wh4-2859-9f36: parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over sensitive endpoints
parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over sensitive endpoints. The application checks if the host parameter is not '0.0.0.0' to restrict access, which is inadequate when the application is bound to a specific interface, allowing unauthorized access to endpoints such as '/restart_program', '/update_software', '/check_update', '/start_recording', and '/stop_recording'. This vulnerability can lead to denial of service, unauthorized disabling or overriding of recordings, and potentially other impacts if certain features are enabled in the configuration.
Red Hat
kernel: afs: Fix lock recursion
vendor_redhat·2024-11-21·CVSS 5.5
CVE-2024-53090 [MEDIUM] CWE-674 kernel: afs: Fix lock recursion
kernel: afs: Fix lock recursion
In the Linux kernel, the following vulnerability has been resolved:
afs: Fix lock recursion
afs_wake_up_async_call() can incur lock recursion. The problem is that it
is called from AF_RXRPC whilst holding the ->notify_lock, but it tries to
take a ref on the afs_call struct in order to pass it to a work queue - but
if the afs_call is already queued, we then have an extraneous ref that must
be put... calling afs_put_call() may call back down into AF_RXRPC through
rxrpc_kernel_shutdown_call(), however, which might try taking the
->notify_lock again.
This case isn't very common, however, so defer it to a workqueue. The oops
looks something like:
BUG: spinlock recursion on CPU#0, krxrpcio/7001/1646
lock: 0xffff888141399b30, .magic: dead4ead, .owner: krxrpcio/700
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/parisneo/lollms-webui/commit/02e829b5653a1aa5dbbe9413ec84f96caa1274e8https://huntr.com/bounties/2f769c46-aa85-4ab8-8b08-fe791313b7bahttps://github.com/parisneo/lollms-webui/commit/02e829b5653a1aa5dbbe9413ec84f96caa1274e8https://huntr.com/bounties/2f769c46-aa85-4ab8-8b08-fe791313b7ba
2024-04-16
Published