CVE-2024-3435

Exploit

EPSS 0.45%
Veröffentlicht 16.05.2024 09:15:14
Zuletzt bearbeitet 09.07.2025 14:33:50
Quelle security@huntr.dev
CVE-Watchlists
Login
Unerledigt
Login

A path traversal vulnerability exists in the 'save_settings' endpoint of the parisneo/lollms-webui application, affecting versions up to the latest release before 9.5. The vulnerability arises due to insufficient sanitization of the 'config' parameter in the 'apply_settings' function, allowing an attacker to manipulate the application's configuration by sending specially crafted JSON payloads. This could lead to remote code execution (RCE) by bypassing existing patches designed to mitigate such vulnerabilities.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Lollms ≫ Lollms Web Ui Version < 9.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.45%	0.628

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security@huntr.dev	8.4	2.5	5.9	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-29 Path Traversal: '\..\filename'

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\..\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory.

https://github.com/parisneo/lollms-webui/commit/bb99b59e710d00c4f2598faa5e183fa30fbd3bc2

Patch

https://huntr.com/bounties/494f349a-8650-4d30-a0bd-4742fda44ce5

Patch

Third Party Advisory

Exploit

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2024-3435

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-3435

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-3435

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-3435