Platform
python
Component
parisneo/lollms-webui
Fixed in
v9.3
CVE-2024-1873 describes a Path Traversal vulnerability discovered in the lollms-webui project, specifically within its /select_database endpoint. This flaw allows attackers to manipulate file paths, potentially leading to denial of service by creating directories that interfere with critical system files. The vulnerability affects versions of lollms-webui up to and including v9.3, and a fix is available in version v9.3.
The primary impact of CVE-2024-1873 is denial of service. An attacker can exploit this vulnerability by crafting malicious requests to the /select_database endpoint, specifying absolute paths to create directories. These directories can be named to mimic critical system files, such as those used for HTTPS certificates or other essential configuration files. By creating directories with these names, the attacker can prevent the lollms-webui application from starting correctly, effectively rendering the system unavailable. While the description doesn't explicitly mention data exfiltration, the ability to create arbitrary directories raises concerns about potential privilege escalation or further exploitation if the application runs with elevated permissions. The blast radius extends to any system running a vulnerable version of lollms-webui.
As of the publication date (2024-06-06), CVE-2024-1873 is not listed on the CISA KEV catalog. There are currently no publicly available proof-of-concept exploits, but the vulnerability's ease of exploitation suggests a potential for rapid exploitation. The vulnerability's impact is primarily denial of service, which may not trigger immediate widespread alerts but could still disrupt services. The NVD entry was created on the same date as the public disclosure.
Organizations deploying lollms-webui in production environments, particularly those with lax file permission configurations or those running vulnerable versions (≤v9.3), are at risk. Shared hosting environments where multiple users share the same server instance are also particularly exposed, as an attacker could potentially exploit this vulnerability to impact other users on the same server.
• python / lollms-webui:
  # Check for the vulnerable endpoint
  curl -I http://<lollms-webui-ip>/select_database
• python / lollms-webui:
  # Monitor for suspicious file creation attempts in lollms-webui logs
  grep -i "/select_database" /var/log/lollms-webui.log
• generic web:
  # Check for directory listing exposure
  curl -I http://<lollms-webui-ip>/directory_listing
Disclosure
Exploit status
EPSS
2.42% (85th percentile)
CISA SSVC
CVSS vector
The recommended mitigation for CVE-2024-1873 is to upgrade lollms-webui to version v9.3 or later, which contains the fix for this vulnerability. If upgrading is not immediately feasible, consider a Web Application Firewall (WAF) rule that blocks requests to the /select_database endpoint, or one that sanitizes user input to prevent path traversal attempts. Specifically, the WAF should reject requests containing absolute paths or directory traversal sequences (e.g., ../). Regularly review and audit the application's file permissions to ensure that the lollms-webui process does not have unnecessary write access to sensitive system directories. After upgrading, confirm the fix by sending a crafted path traversal request to the /select_database endpoint; the request should be rejected.
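As an added illustration of the sanitization described above (example code, not the lollms-webui project's own fix), the following Python check confines a requested database name to one base directory, refusing absolute paths and any `..` component, and applies the same rule to access-log lines so the requests this advisory describes can be spotted. The base directory, the `database` query-parameter name and the log lines are constructed assumptions; the page does not describe the endpoint's request format.

```python
# Added example, not lollms-webui project code: confine a user-supplied database
# name to one base directory, refusing the absolute and '..' paths described for
# CVE-2024-1873, and flag such requests in web-server access logs.
import re
from pathlib import Path, PurePosixPath, PureWindowsPath
from urllib.parse import parse_qs, urlsplit

# Constructed base directory; the page does not say where the app stores databases.
BASE_DIR = Path("/srv/lollms/databases")

def safe_database_path(user_value: str, base_dir: Path = BASE_DIR):
    """Return base_dir/<user_value> if it cannot leave base_dir, otherwise None.
    The value is treated strictly as a name relative to base_dir: absolute paths
    (POSIX or Windows drive/UNC forms) and any '..' component are refused before
    the filesystem is touched, so 'a/../../x' fails just like '../x' does.
    """
    if not user_value or "\x00" in user_value:
        return None
    for parsed in (PurePosixPath(user_value), PureWindowsPath(user_value)):
        if parsed.is_absolute() or ".." in parsed.parts:
            return None
    candidate = base_dir.joinpath(*PurePosixPath(user_value).parts)
    # Defence in depth: the join above can no longer escape, but verify anyway.
    return candidate if candidate.is_relative_to(base_dir) else None

# Request target of a combined-format access-log line. Assumption: the database
# name arrives as a query-string parameter; the page does not describe the format.
REQUEST_TARGET = re.compile(r'"(?:GET|POST) (/select_database[^ "]*)')

def is_suspicious_request(log_line: str) -> bool:
    """True if a logged /select_database request carries a value that
    safe_database_path would refuse; percent-encoding is decoded by parse_qs."""
    match = REQUEST_TARGET.search(log_line)
    if not match:
        return False
    params = parse_qs(urlsplit(match.group(1)).query)
    return any(safe_database_path(v) is None for vals in params.values() for v in vals)

# Constructed sample log lines, not taken from a real deployment.
SAMPLE_LOG = [
    '10.0.0.5 - - [06/Jun/2024:10:00:01 +0000] "GET /select_database?database=notes HTTP/1.1" 200 12',
    '10.0.0.9 - - [06/Jun/2024:10:00:02 +0000] "GET /select_database?database=/var/tmp/x HTTP/1.1" 200 12',
    '10.0.0.9 - - [06/Jun/2024:10:00:03 +0000] "GET /select_database?database=..%2F..%2Fvar HTTP/1.1" 200 12',
    '10.0.0.5 - - [06/Jun/2024:10:00:04 +0000] "GET /index.html HTTP/1.1" 200 512',
]

def suspicious_requests(lines=SAMPLE_LOG):
    """Return the access-log lines whose /select_database request would be refused."""
    return [line for line in lines if is_suspicious_request(line)]
```

Running `suspicious_requests()` over the constructed log returns the two lines carrying an absolute path and an encoded `..` sequence, while the plain `notes` request and the unrelated page are left alone.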
Update the parisneo/lollms-webui library to version 9.3 or later. This fixes the path traversal and denial-of-service vulnerability. You can update using the Python package manager, pip, by running `pip install --upgrade lollms-webui`.
CVE-2024-1873 is a Path Traversal vulnerability in lollms-webui versions up to v9.3, allowing attackers to manipulate file paths and potentially cause denial of service.
You are affected if you are running lollms-webui version 9.3 or earlier. Upgrade to v9.3 to mitigate the risk.
Upgrade lollms-webui to version 9.3 or later. As a temporary workaround, implement a WAF rule to block suspicious requests to the /select_database endpoint.
There is currently no evidence of active exploitation, but the vulnerability is relatively easy to exploit.
Refer to the lollms-webui project's repository and release notes for the official advisory and update information.