CVE-2024-3025

Exploit

EPSS 0.23%
Veröffentlicht 10.04.2024 17:15:55
Zuletzt bearbeitet 09.07.2025 19:50:01
Quelle security@huntr.dev
CVE-Watchlists
Login
Unerledigt
Login

mintplex-labs/anything-llm is vulnerable to path traversal attacks due to insufficient validation of user-supplied input in the logo filename functionality. Attackers can exploit this vulnerability by manipulating the logo filename to reference files outside of the restricted directory. This can lead to unauthorized reading or deletion of files by utilizing the `/api/system/upload-logo` and `/api/system/logo` endpoints. The issue stems from the lack of filtering or validation on the logo filename, allowing attackers to target sensitive files such as the application's database.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mintplexlabs ≫ Anythingllm Version < 1.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.23%	0.457

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security@huntr.dev	9.9	3.1	6	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-23 Relative Path Traversal

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

https://github.com/mintplex-labs/anything-llm/commit/7de23dbb2da932fbfb39f56d981784d3702cf5ce

Patch

https://huntr.com/bounties/fb09a352-1016-4481-ae88-7460e2b6062b

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2024-3025

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-3025

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-3025

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-3025