CVE-2024-6085Path Traversal in Lollms

CWE-22Path Traversal3 documents3 sources
Severity
8.6HIGHNVD
EPSS
0.1%
top 66.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Parisneo LollmsLollms
Timeline
PublishedJun 27

Description

A path traversal vulnerability exists in the XTTS server included in the lollms package, version v9.6. This vulnerability arises from the ability to perform an unauthenticated root folder settings change. Although the read file endpoint is protected against path traversals, this protection can be bypassed by changing the root folder to '/'. This allows attackers to read arbitrary files on the system. Additionally, the output folders can be changed to write arbitrary audio files to any location o

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:LExploitability: 3.9 | Impact: 4.7

Affected Packages2 packages

PyPIlollms/lollms9.5.1
CVEListV5parisneo/parisneo_lollmsunspecifiedlatest

🔴Vulnerability Details

2
GHSA
lollms vulnerable to path traversal due to unauthenticated root folder settings change2024-06-27
OSV
lollms vulnerable to path traversal due to unauthenticated root folder settings change2024-06-27