Arbitrary Code Execution Vulnerability in Parisneo/Lollms-Webui
CVE-2024-2358

9.8CRITICAL

Key Information:

Vendor: Parisneo
Status: Parisneo/lollms-webui
Vendor: CVE Published:; 16 May 2024

Summary

A path traversal vulnerability exists in the '/apply_settings' endpoint of the parisneo/lollms-webui, allowing attackers to execute arbitrary code due to inadequate sanitization of user-supplied input in the configuration settings, particularly within the 'extensions' parameter. By crafting specially designed payloads that include relative path traversal sequences such as '../../../', an attacker can manipulate the input to navigate to unintended directories. This exploitation capability enables unauthorized loading and execution of a malicious 'init.py' file on the server, leading to a significant security compromise for users of the affected product.

Affected Version(s)

parisneo/lollms-webui <= unspecified

References

https://huntr.com/bounties/b2771df3-be50-45bd-93c4-0974ce...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 16, 2024
Vulnerability Reserved
Mar 9, 2024