CVE-2024-4881

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-4881
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-4881.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-4881
Aliases
Published
2024-06-06T19:16:03Z
Modified
2024-10-17T17:59:02.590847Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

A path traversal vulnerability exists in the parisneo/lollms application, affecting version 9.4.0 and potentially earlier versions, but fixed in version 5.9.0. The vulnerability arises due to improper validation of file paths between Windows and Linux environments, allowing attackers to traverse beyond the intended directory and read any file on the Windows system. Specifically, the application fails to adequately sanitize file paths containing backslashes (\), which can be exploited to access the root directory and read, or even delete, sensitive files. This issue was discovered in the context of the /user_infos endpoint, where a crafted request using backslashes to reference a file (e.g., \windows\win.ini) could result in unauthorized file access. The impact of this vulnerability includes the potential for attackers to access sensitive information such as environment variables, database files, and configuration files, which could lead to further compromise of the system.

References

Affected packages

Git / github.com/parisneo/lollms

Affected ranges

Type
GIT
Repo
https://github.com/parisneo/lollms
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

v5.*

v5.9.0