CVE-2024-2361 — Path Traversal: '\..\filename' in WEB UI

CWE-29 — Path Traversal: '\..\filename'3 documents3 sources

Severity

9.6CRITICALNVD

EPSS

0.4%

top 42.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Lollms WEB UI Parisneo Lollms-webui

Timeline

PublishedMay 16

Latest updateJul 30

Description

A vulnerability in the parisneo/lollms-webui allows for arbitrary file upload and read due to insufficient sanitization of user-supplied input. Specifically, the issue resides in the `install_model()` function within `lollms_core/lollms/binding.py`, where the application fails to properly sanitize the `file://` protocol and other inputs, leading to arbitrary read and upload capabilities. Attackers can exploit this vulnerability by manipulating the `path` and `variant_name` parameters to achieve …

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:HExploitability: 2.8 | Impact: 6.0

Affected Packages2 packages

▶CVEListV5parisneo/parisneo_lollms-webuiunspecified — latest

▶NVDlollms/lollms_web_ui< 9.5

Patches

Patch: huntr.com ↗Patch: huntr.com ↗

🔴Vulnerability Details

GHSA

GHSA-233r-pc37-vpf7: A vulnerability in the parisneo/lollms-webui allows for arbitrary file upload and read due to insufficient sanitization of user-supplied input↗2024-05-16

▶

📋Vendor Advisories

Red Hat

kernel: cdrom: rearrange last_media_change check to avoid unintentional overflow↗2024-07-30

▶