CVE-2024-4330

Path Traversal in parisneo/lollms-webui

Severity Score

4.0
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track*
*SSVC
Descriptions

A path traversal vulnerability was identified in the parisneo/lollms-webui repository, specifically in version 9.6. The vulnerability arises from improper handling of user-supplied input in the 'list_personalities' endpoint. By crafting a malicious HTTP request, an attacker can traverse the directory structure and view the contents of any folder, although the disclosure is limited to subfolder names. This issue was demonstrated via a specific HTTP request that manipulated the 'category' parameter to access arbitrary directories. The vulnerable code is located in the 'endpoints/lollms_advanced.py' file.

*Credits: N/A
CVSS Scores
CVSS v3
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: Low
  • Integrity: None
  • Availability: None
CVSS v2
  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Partial
  • Integrity: None
  • Availability: None
* Common Vulnerability Scoring System
SSVC
  • Decision: Track*
  • Exploitation: PoC
  • Automatable: No
  • Tech. Impact: Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-04-29 CVE Reserved
  • 2024-05-30 CVE Published
  • 2024-05-31 EPSS Updated
  • 2024-08-01 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-23: Relative Path Traversal
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Parisneo Lollms-webui *- Affected