CVE-2024-6139Path Traversal: '\..\filename' in Lollms

CWE-29Path Traversal: '\..\filename'3 documents3 sources
Severity
7.3HIGHNVD
EPSS
0.1%
top 68.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Parisneo LollmsLollms
Timeline
PublishedJun 27

Description

A path traversal vulnerability exists in the XTTS server of the parisneo/lollms package version v9.6. This vulnerability allows an attacker to write audio files to arbitrary locations on the system and enumerate file paths. The issue arises from improper validation of user-provided file paths in the `tts_to_file` endpoint.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 3.9 | Impact: 3.4

Affected Packages2 packages

CVEListV5parisneo/parisneo_lollmsunspecifiedlatest
PyPIlollms/lollms9.5.1

🔴Vulnerability Details

2
GHSA
lollms vulnerable to dot-dot-slash path traversal in XTTS server2024-06-27
OSV
lollms vulnerable to dot-dot-slash path traversal in XTTS server2024-06-27