Free Trial

CVE-2024-4315 : PARISNEO LOLLMS UP TO 9.7 SANITIZE_PATH_FROM_ENDPOINT FILENAME CONTROL

Description

parisneo/lollms version 9.5 is vulnerable to Local File Inclusion (LFI) attacks due to insufficient path sanitization. The `sanitize_path_from_endpoint` function fails to properly sanitize Windows-style paths (backward slash `\`), allowing attackers to perform directory traversal attacks on Windows systems. This vulnerability can be exploited through various routes, including `personalities` and `/del_preset`, to read or delete any file on the Windows filesystem, compromising the system’s availability.

References

https://huntr.com/bounties/8a1b0197-2c36-4276-b92b-630a2a9bb09c

https://github.com/parisneo/lollms/commit/95ad36eeffc6a6be3e3f35ed35a384d768f0ecf6

For More Information

CVERecord

Common Vulnerabilityies and Exposures

CVE-2024-4315 : PARISNEO LOLLMS UP TO 9.7 SANITIZE_PATH_FROM_ENDPOINT FILENAME CONTROL
CVE-2024-4315 : PARISNEO LOLLMS UP TO 9.7 SANITIZE_PATH_FROM_ENDPOINT FILENAME CONTROL

Contact us to get started

CVE-2024-12728 : SOPHOS FIREWALL UP TO 20.0 MR2 SSH WEAK CREDENTIALS

CVE-2024-12728 : SOPHOS FIREWALL UP TO 20.0 MR2 SSH WEAK CREDENTIALS

Description A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than version 20.0 MR3

Learn more
CVE-2021-26102 : FORTINET FORTIWAN UP TO 4.4.1/4.5.7 POST REQUEST AUTHENTICATION BYPASS

CVE-2021-26102 : FORTINET FORTIWAN UP TO 4.4.1/4.5.7 POST REQUEST AUTHENTICATION BYPASS

Description A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote

Learn more
CVE-2024-35141 : IBM SECURITY VERIFY ACCESS DOCKER UP TO 10.0.6 UNNECESSARY PRIVILEGES

CVE-2024-35141 : IBM SECURITY VERIFY ACCESS DOCKER UP TO 10.0.6 UNNECESSARY PRIVILEGES

Description IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to

Learn more