Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2024-6250Absolute Path Traversal in Lollms-webui

CWE-36Absolute Path Traversal4 documents4 sources
Severity
7.5HIGHNVD
EPSS
11.3%
top 6.46%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Parisneo Lollms-webuiLollms WEB UI
Timeline
PublishedJun 27

Description

An absolute path traversal vulnerability exists in parisneo/lollms-webui v9.6, specifically in the `open_file` endpoint of `lollms_advanced.py`. The `sanitize_path` function with `allow_absolute_path=True` allows an attacker to access arbitrary files and directories on a Windows system. This vulnerability can be exploited to read any file and list arbitrary directories on the affected system.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5parisneo/parisneo_lollms-webuiunspecifiedlatest

🔴Vulnerability Details

2
GHSA
GHSA-fpqq-pjqc-cp2p: An absolute path traversal vulnerability exists in parisneo/lollms-webui v92024-06-27
VulnCheck
lollms lollms_web_ui Absolute Path Traversal2024

💥Exploits & PoCs

1
Nuclei
LOLLMS WebUI - Absolute Path Traversal