CVE-2024-6396

CRITICAL Year: 2024
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-29
View all →

Vulnerability Description

A vulnerability in the `_backup_run` function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the `run_hash` and `repo.path` parameters, which can be manipulated to create and write to arbitrary file paths. This can lead to denial of service by overwriting critical system files, loss of private data, and potential remote code execution.

Related Vulnerabilities

CVE-2023-1177

CRITICAL
CVSS:9.8(Critical)

Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.

CWE-292023

CVE-2023-2780

CRITICAL
CVSS:9.8(Critical)

Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1.

CWE-292023

CVE-2023-6975

CRITICAL
CVSS:9.8(Critical)

A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information.

CWE-292023

CVE-2024-2358

CRITICAL
CVSS:9.8(Critical)

A path traversal vulnerability in the '/apply_settings' endpoint of parisneo/lollms-webui allows attackers to execute arbitrary code. The vulnerability arises due to insufficient sanitization of user-...

CWE-292024

CVE-2024-2360

CRITICAL
CVSS:9.8(Critical)

parisneo/lollms-webui is vulnerable to path traversal attacks that can lead to remote code execution due to insufficient sanitization of user-supplied input in the 'Database path' and 'PDF LaTeX path'...

CWE-292024

CVE-2024-3429

CRITICAL
CVSS:9.8(Critical)

A path traversal vulnerability exists in the parisneo/lollms application, specifically within the `sanitize_path_from_endpoint` and `sanitize_path` functions in `lollms_core\lollms\security.py`. This ...

CWE-292024