
CVSS: 8.1 | EPSS: 0% | CPEs: 1 | EXPL: 0

25 Feb 2024 — A privilege escalation vulnerability exists in mintplex-labs/anything-llm, allowing users with 'default' role to delete documents uploaded by 'admin'. Despite the intended restriction that prevents 'default' role users from deleting admin-uploaded documents, an attacker can exploit this vulnerability by sending a crafted DELETE request to the /api/system/remove-document endpoint. This vulnerability is due to improper access control checks, enabling unauthorized document deletion and potentially leading to l... • https://github.com/mintplex-labs/anything-llm/commit/d5cde8b7c27a47ab45b05b441db16751537f1733 • CWE-272: Least Privilege Violation •

CVSS: 7.1 | EPSS: 0% | CPEs: 1 | EXPL: 0

25 Feb 2024 — Theoretically, it would be possible for an attacker to brute-force the password for an instance in single-user password protection mode via a timing attack, given the linear nature of the `!==` comparison. The risk is minimized by the additional overhead of the request, which varies in a non-constant manner, making the attack less reliable to execute. • https://github.com/mintplex-labs/anything-llm/commit/3c859ba3038121b67fb98e87dc52617fa27cbef0 • CWE-203: Observable Discrepancy • CWE-764: Multiple Locks of a Critical Resource •

CVSS: 9.9 | EPSS: 0% | CPEs: 2 | EXPL: 0

25 Feb 2024 — The inclusion of the web scraper for AnythingLLM means that any user with the proper authorization level (manager, admin, and when in single-user mode) could put in the URL `http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance`, which is a special IP and URL that resolves only when the request comes from within an EC2 instance. This would allow the user to see the connection/secret credentials for their specific instance and be able to manage it regardless of wh... • https://github.com/mintplex-labs/anything-llm/commit/b2b2c2afe15c48952d57b4d01e7108f9515c5f55 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 6.5 | EPSS: 0% | CPEs: 1 | EXPL: 0

25 Jan 2024 — Authentication bypass in vector-admin allows a user to register to a vector-admin server while "domain restriction" is active, even when not owning an authorized email address. • https://github.com/Mintplex-Labs/vector-admin/pull/128/commits/a581b8177dd6be719a5ef6d3ce4b1e939636bb41 • CWE-287: Improper Authentication •

CVSS: 7.8 | EPSS: 2% | CPEs: 1 | EXPL: 1

19 Jan 2024 — AnythingLLM is an application that turns any document, resource, or piece of content into context that any LLM can use as a reference during chatting. In versions prior to commit `08d33cfd8`, an unauthenticated API route (file export) can allow an attacker to crash the server, resulting in a denial of service. The "data-export" endpoint is used to export files, taking the filename parameter as user input. The endpoint takes the user input, filters it to avoid directory traversal attacks, fetches the file fro... • https://github.com/Mintplex-Labs/anything-llm/commit/08d33cfd8fc47c5052b6ea29597c964a9da641e2 • CWE-754: Improper Check for Unusual or Exceptional Conditions •

CVSS: 9.0 | EPSS: 0% | CPEs: 1 | EXPL: 1

30 Oct 2023 — Improper Access Control in GitHub repository mintplex-labs/anything-llm prior to 0.1.0. • https://github.com/mintplex-labs/anything-llm/commit/d5b1f84a4c7991987eac3454d4f1b4067841d783 • CWE-284: Improper Access Control •

CVSS: 9.4 | EPSS: 0% | CPEs: 1 | EXPL: 1

30 Oct 2023 — Improper Input Validation in GitHub repository mintplex-labs/anything-llm prior to 0.1.0. • https://github.com/mintplex-labs/anything-llm/commit/18798c5b640018aaee924e0afd941705d88df92e • CWE-20: Improper Input Validation •

CVSS: 9.0 | EPSS: 0% | CPEs: 1 | EXPL: 1

11 Sep 2023 — SQL Injection in GitHub repository mintplex-labs/anything-llm prior to 0.0.1. • https://github.com/mintplex-labs/anything-llm/commit/dc3dfbf31495fe316b21ee184b9317b38101d30e • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.2 | EPSS: 0% | CPEs: 1 | EXPL: 1

11 Sep 2023 — Authentication Bypass by Primary Weakness in GitHub repository mintplex-labs/anything-llm prior to 0.0.1. • https://github.com/mintplex-labs/anything-llm/commit/dc3dfbf31495fe316b21ee184b9317b38101d30e • CWE-305: Authentication Bypass by Primary Weakness •

CVSS: 10.0 | EPSS: 0% | CPEs: 1 | EXPL: 1

11 Sep 2023 — Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1. • https://github.com/mintplex-labs/anything-llm/commit/3c88aec034934bcbad30c5ef1cab62cbbdb98e64 • CWE-23: Relative Path Traversal •