Parisneo Lollms-Webui Vulnerable to Path Traversal and Remote File Inclusion Attacks
CVE-2024-4498

7.7HIGH

Key Information:

Vendor: Parisneo
Status: Parisneo/lollms-webui
Vendor: CVE Published:; 25 June 2024

Summary

A Path Traversal and Remote File Inclusion vulnerability is present in the Lollms-Webui application developed by Parisneo. This flaw is due to insufficient input validation in the '/apply_settings' function, allowing attackers to manipulate the 'discussion_db_name' parameter. This manipulation gives rise to the ability to traverse the file system and include arbitrary files. The issue is further aggravated by a bypass of input filtering mechanisms in the 'install_binding', 'reinstall_binding', and 'unInstall_binding' endpoints. Although the function 'sanitize_path_from_endpoint(data.name)' is intended to mitigate this risk, it is ineffective, thereby enabling attackers to upload and execute malicious code on the victim's system, which can lead to Remote Code Execution.

Affected Version(s)

parisneo/lollms-webui <= unspecified

References

https://huntr.com/bounties/9238e88a-a6ca-4915-9b5d-6cdb41...

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jun 25, 2024
Vulnerability Reserved
May 4, 2024