CVE-2024-2624

CRITICAL Year: 2024
CVSS v3 Score
9.4
Critical
Weakness Type
CWE-29
View all →

Vulnerability Description

A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui application, specifically within the `@router.get("/switch_personal_path")` endpoint in `./lollms-webui/lollms_core/lollms/server/endpoints/lollms_user.py`. The vulnerability arises due to insufficient sanitization of user-supplied input for the `path` parameter, allowing an attacker to specify arbitrary file system paths. This flaw enables direct arbitrary file uploads, leakage of `personal_data`, and overwriting of configurations in `lollms-webui`->`configs` by exploiting the same named directory in `personal_data`. The issue affects the latest version of the application and is fixed in version 9.4. Successful exploitation could lead to sensitive information disclosure, unauthorized file uploads, and potentially remote code execution by overwriting critical configuration files.

Related Vulnerabilities

CVE-2024-3573

CRITICAL
CVSS:9.3(Critical)

mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'is_loc...

CWE-292024

CVE-2024-2361

CRITICAL
CVSS:9.6(Critical)

A vulnerability in the parisneo/lollms-webui allows for arbitrary file upload and read due to insufficient sanitization of user-supplied input. Specifically, the issue resides in the `install_model()`...

CWE-292024

CVE-2024-5211

CRITICAL
CVSS:9.1(Critical)

A path traversal vulnerability in mintplex-labs/anything-llm allowed a manager to bypass the `normalizePath()` function, intended to defend against path traversal attacks. This vulnerability enables t...

CWE-292024

CVE-2024-5926

CRITICAL
CVSS:9.1(Critical)

A path traversal vulnerability in the get-project-files functionality of stitionai/devika allows attackers to read arbitrary files from the filesystem and cause a Denial of Service (DoS). This issue i...

CWE-292024

CVE-2024-7957

CRITICAL
CVSS:9.1(Critical)

An arbitrary file overwrite vulnerability exists in the ZulipConnector of danswer-ai/danswer, affecting the latest version. The vulnerability arises from the load_credentials method, where user-contro...

CWE-292024

CVE-2024-8537

CRITICAL
CVSS:9.1(Critical)

A path traversal vulnerability exists in the modelscope/agentscope application, affecting all versions. The vulnerability is present in the /delete-workflow endpoint, allowing an attacker to delete ar...

CWE-292024