CVE-2024-2366

Опубликовано: 16 мая 2024

Источник: nvd

CVSS3: 9

EPSS Низкий

Описание

A remote code execution vulnerability exists in the parisneo/lollms-webui application, specifically within the reinstall_binding functionality in lollms_core/lollms/server/endpoints/lollms_binding_infos.py of the latest version. The vulnerability arises due to insufficient path sanitization, allowing an attacker to exploit path traversal to navigate to arbitrary directories. By manipulating the binding_path to point to a controlled directory and uploading a malicious init.py file, an attacker can execute arbitrary code on the server.

Ссылки

https://huntr.com/bounties/63266c77-408b-45ff-962c-8163db50a864
Exploit
Issue Tracking
Patch
Third Party Advisory
https://huntr.com/bounties/63266c77-408b-45ff-962c-8163db50a864
Exploit
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:lollms:lollms_web_ui:*:*:*:*:*:*:*:*

Версия до 9.5 (исключая)

EPSS

Процентиль: 84%

0.02287

Низкий

9 Critical

CVSS3

Дефекты

CWE-77

Связанные уязвимости

GHSA-jgmp-p428-99m5

CVSS3: 9

github

больше 1 года назад

A remote code execution vulnerability exists in the parisneo/lollms-webui application, specifically within the reinstall_binding functionality in lollms_core/lollms/server/endpoints/lollms_binding_infos.py of the latest version. The vulnerability arises due to insufficient path sanitization, allowing an attacker to exploit path traversal to navigate to arbitrary directories. By manipulating the binding_path to point to a controlled directory and uploading a malicious __init__.py file, an attacker can execute arbitrary code on the server.

EPSS

Процентиль: 84%

0.02287

Низкий

9 Critical

CVSS3

Дефекты

CWE-77