CVE-2024-6673

Опубликовано: 29 окт. 2024

Источник: nvd

CVSS3: 4.4

CVSS3: 6.5

EPSS Низкий

Описание

A Cross-Site Request Forgery (CSRF) vulnerability exists in the install_comfyui endpoint of the lollms_comfyui.py file in the parisneo/lollms-webui repository, versions v9.9 to the latest. The endpoint uses the GET method without requiring a client ID, allowing an attacker to trick a victim into installing ComfyUI. If the victim's device does not have sufficient capacity, this can result in a crash.

Ссылки

https://github.com/parisneo/lollms-webui/commit/c1bb1ad19752aa7541675b398495eaf98fd589f1
Patch
https://huntr.com/bounties/a38f9a7d-b357-427d-adac-f9654d8c0e3c
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:lollms:lollms_web_ui:*:*:*:*:*:*:*:*

Версия до 10 (исключая)

EPSS

Процентиль: 23%

0.00077

Низкий

4.4 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-86j7-ghr3-wmhx

CVSS3: 4.4

github

больше 1 года назад

A Cross-Site Request Forgery (CSRF) vulnerability exists in the `install_comfyui` endpoint of the `lollms_comfyui.py` file in the parisneo/lollms-webui repository, versions v9.9 to the latest. The endpoint uses the GET method without requiring a client ID, allowing an attacker to trick a victim into installing ComfyUI. If the victim's device does not have sufficient capacity, this can result in a crash.

EPSS

Процентиль: 23%

0.00077

Низкий

4.4 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-352