CVE-2024-5824 describes a path traversal vulnerability discovered in the /set_personality_config endpoint of the parisneo/lollms project. This flaw allows unauthorized users to overwrite critical configuration files, potentially enabling remote code execution. The vulnerability affects lollms versions up to and including the latest release; a fix is available in the latest version.
The primary impact of CVE-2024-5824 is the potential for remote code execution. By exploiting the path traversal vulnerability, an attacker can overwrite the configs/config.yaml file. This file controls various server settings, including force_accept_remote_access and turn_on_code_validation. Modifying these settings could allow an attacker to bypass security controls, gain unauthorized access to the system, and execute arbitrary code. The blast radius extends to any data processed by the lollms instance, as an attacker could manipulate the model's behavior or steal sensitive information.
CVE-2024-5824 was publicly disclosed on 2024-06-27. There is currently no indication of active exploitation campaigns targeting this vulnerability. The vulnerability is not listed on the CISA KEV catalog at the time of this writing. Public proof-of-concept exploits are not widely available, but the vulnerability's nature makes it relatively straightforward to exploit.
Organizations and individuals deploying lollms, particularly those with publicly accessible instances or those lacking robust access controls, are at risk. Shared hosting environments where multiple users share the same lollms instance are also particularly vulnerable, as a compromised user could potentially impact other users on the same server.
• python / server:

```python
import requests

url = 'http://your-lollms-instance/set_personality_config'  # Replace with your lollms instance

# Attempt path traversal
payload = "/../../../../etc/passwd"

# Send a request with the payload in the personality_config form field
response = requests.post(url, data={'personality_config': payload})

# Check the response status code (a 200 alone is a hint, not proof; confirm on a test instance)
if response.status_code == 200:
    print("Potential Path Traversal Vulnerability Detected!")
else:
    print("No Path Traversal Detected.")
```

• generic web:

```shell
curl -I http://your-lollms-instance/set_personality_config/%2e%2e%2f%2e%2e%2fetc/passwd
```

• generic web:

```shell
grep -r 'force_accept_remote_access: true' /path/to/lollms/configs/config.yaml
```
Exploitation status
EPSS: 1.40% (80th percentile)
The recommended mitigation for CVE-2024-5824 is to immediately upgrade to the latest version of lollms, which contains the fix. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) rule to block requests targeting the /set_personality_config endpoint with potentially malicious path traversal payloads. Additionally, restrict access to this endpoint to authorized users only. Monitor system logs for any unusual file modifications or access attempts to the configs/config.yaml file. After upgrading, confirm the fix by attempting to access the /set_personality_config endpoint with a path traversal payload (e.g., /../../../../etc/passwd) and verifying that access is denied.
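As an added example (not code from this page or from the lollms project), the following Python covers two of the steps above: scanning web-server access logs for traversal attempts against /set_personality_config, including URL-encoded forms such as %2e%2e%2f, and the containment check an endpoint that writes under configs/ should apply before opening a user-supplied path. The log lines and base directory are constructed for the demo, the common-log-format regex is an assumption about your server, and safe_join is a generic containment check, not the project's actual patch.

```python
import os
import re
import tempfile
from typing import Dict, List, Optional
from urllib.parse import unquote

# Constructed sample access-log lines (not from the page or any real lollms server).
SAMPLE_LOG = """\
10.0.0.5 - - [27/Jun/2024:10:00:01 +0000] "POST /set_personality_config HTTP/1.1" 200 17
10.0.0.9 - - [27/Jun/2024:10:00:07 +0000] "POST /set_personality_config/%2e%2e%2f%2e%2e%2fconfigs/config.yaml HTTP/1.1" 200 17
10.0.0.9 - - [27/Jun/2024:10:00:09 +0000] "GET /set_personality_config/..%2F..%2Fconfigs/config.yaml HTTP/1.1" 404 0
10.0.0.7 - - [27/Jun/2024:10:00:12 +0000] "GET /list_personalities HTTP/1.1" 200 311
"""

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
WATCHED_ENDPOINT = "/set_personality_config"  # endpoint named in the advisory

def has_traversal(path: str) -> bool:
    """True if any path segment is '..' after URL-decoding twice (catches %2e%2e and %252e%252e)."""
    decoded = unquote(unquote(path))
    return any(seg == ".." for seg in re.split(r"[\\/]+", decoded))

def find_traversal_attempts(log_text: str) -> List[Dict]:
    """Return requests to the watched endpoint whose URL path contains a traversal segment."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        path = m.group("path")
        if path.startswith(WATCHED_ENDPOINT) and has_traversal(path):
            hits.append({"src": line.split()[0], "path": path, "status": int(m.group("status"))})
    return hits

def safe_join(base_dir: str, user_path: str) -> Optional[str]:
    """Containment check: resolve user_path under base_dir, None if the result escapes base_dir."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, user_path))
    return target if os.path.commonpath([base, target]) == base else None

def check_examples() -> Dict[str, bool]:
    """Run safe_join against a legitimate name and the advisory's traversal payload (constructed base dir)."""
    base = os.path.join(os.path.realpath(tempfile.gettempdir()), "lollms_demo", "configs")
    return {
        "legit": safe_join(base, "config.yaml") == os.path.join(base, "config.yaml"),
        "relative_traversal": safe_join(base, "../../../../etc/passwd") is None,
        "absolute_traversal": safe_join(base, "/../../../../etc/passwd") is None,
    }
```

Access logs do not record POST bodies, so a payload sent in the personality_config form field is only visible to a WAF or application-level logging that inspects request bodies.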
Upgrade to the latest version of lollms. Commit eda3af5f5c4ea9b2f3569f72f8d05989e29367fc fixes the path traversal vulnerability. Make sure to restart the server after upgrading.
CVE-2024-5824 is a path traversal vulnerability in the /set_personality_config endpoint of lollms, allowing attackers to overwrite configuration files and potentially achieve remote code execution.
You are affected if you are running lollms versions up to and including the latest release. Upgrade to the latest version to mitigate the risk.
Upgrade to the latest version of lollms. As a temporary workaround, implement a WAF rule to block malicious requests to the /set_personality_config endpoint.
There is currently no evidence of active exploitation, but the vulnerability's nature makes it easily exploitable.
Refer to the parisneo/lollms project repository and associated security advisories for the latest information.