pysec-2024-122
Vulnerability from pysec
Published
2024-10-11 16:15
Modified
2024-11-15 20:23
Severity ?
Details
A path traversal vulnerability exists in the api open_personality_folder endpoint of parisneo/lollms-webui. This vulnerability allows an attacker to read any folder in the personality_folder on the victim's computer, even though sanitize_path is set. The issue arises due to improper sanitization of the personality_folder parameter, which can be exploited to traverse directories and access arbitrary files.
Aliases
{ "affected": [ { "package": { "ecosystem": "PyPI", "name": "lollms", "purl": "pkg:pypi/lollms" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "28ee567a9a120967215ff19b96ab7515ce469620" } ], "repo": "https://github.com/parisneo/lollms", "type": "GIT" }, { "events": [ { "introduced": "0" }, { "fixed": "5.9.0" } ], "type": "ECOSYSTEM" } ], "versions": [ "1.1.10", "1.1.11", "1.1.12", "1.1.13", "1.1.14", "1.1.15", "1.1.16", "1.1.17", "1.1.18", "1.1.19", "1.1.20", "1.1.21", "1.1.22", "1.1.25", "1.1.26", "1.1.27", "1.1.28", "1.1.29", "1.1.3", "1.1.30", "1.1.31", "1.1.32", "1.1.33", "1.1.34", "1.1.35", "1.1.36", "1.1.37", "1.1.38", "1.1.45", "1.1.46", "1.1.47", "1.1.48", "1.1.49", "1.1.5", "1.1.50", "1.1.51", "1.1.52", "1.1.53", "1.1.55", "1.1.56", "1.1.57", "1.1.58", "1.1.59", "1.1.6", "1.1.60", "1.1.61", "1.1.62", "1.1.63", "1.1.64", "1.1.65", "1.1.66", "1.1.67", "1.1.68", "1.1.69", "1.1.7", "1.1.70", "1.1.71", "1.1.73", "1.1.74", "1.1.75", "1.1.76", "1.1.77", "1.1.78", "1.1.79", "1.1.80", "1.1.82", "1.1.83", "1.1.84", "1.1.85", "1.1.86", "1.1.9", "1.1.90", "1.1.91", "1.1.92", "1.2.0", "1.2.1", "1.2.10", "1.2.11", "1.2.12", "1.2.14", "1.2.3", "1.2.4", "1.2.6", "1.2.7", "1.2.8", "1.2.9", "2.0.0", "2.0.1", "2.0.10", "2.0.11", "2.0.12", "2.0.13", "2.0.14", "2.0.15", "2.0.16", "2.0.17", "2.0.18", "2.0.19", "2.0.2", "2.0.20", "2.0.21", "2.0.22", "2.0.23", "2.0.24", "2.0.25", "2.0.26", "2.0.27", "2.0.28", "2.0.3", "2.0.30", "2.0.31", "2.0.32", "2.0.4", "2.0.5", "2.0.6", "2.0.8", "2.0.9", "2.1.0", "2.1.1", "2.1.10", "2.1.11", "2.1.12", "2.1.13", "2.1.14", "2.1.15", "2.1.16", "2.1.17", "2.1.18", "2.1.19", "2.1.2", "2.1.20", "2.1.21", "2.1.22", "2.1.23", "2.1.24", "2.1.25", "2.1.26", "2.1.27", "2.1.28", "2.1.29", "2.1.3", "2.1.30", "2.1.31", "2.1.32", "2.1.34", "2.1.35", "2.1.36", "2.1.37", "2.1.38", "2.1.39", "2.1.4", "2.1.40", "2.1.42", "2.1.43", "2.1.44", "2.1.45", "2.1.46", "2.1.47", "2.1.48", "2.1.49", "2.1.5", "2.1.50", "2.1.51", "2.1.53", "2.1.54", "2.1.55", "2.1.56", "2.1.59", "2.1.6", "2.1.60", "2.1.7", "2.1.8", "2.1.9", "2.2.0", "2.2.1", "2.2.2", "2.2.3", "2.2.4", "2.2.5", "2.2.6", "2.2.7", "2.2.8", "2.3.0", "2.3.1", "2.3.3", "2.3.4", "3.0.0", "3.1.0", "3.1.5", "3.2.0", "4.0.0", "4.0.1", "4.0.2", "4.1.0", "4.1.5", "4.1.6", "4.2.0", "4.2.1", "4.2.2", "4.5.0", "4.5.1", "4.5.2", "4.5.3", "5.0.0", "5.0.1", "5.0.2", "5.1.0", "5.1.1", "5.2.0", "5.2.1", "5.3.0", "5.3.1", "5.5.0", "5.5.1", "5.5.2", "5.5.3", "5.5.4", "5.5.5", "5.5.6", "5.6.0", "5.6.2", "5.7.0", "5.7.1", "5.7.2", "5.7.3", "5.7.5", "5.7.6", "5.7.7", "5.7.8", "5.7.9", "5.8.1", "5.8.2", "5.8.3", "5.8.5", "5.8.6", "5.8.7", "5.8.8" ] } ], "aliases": [ "CVE-2024-6985" ], "details": "A path traversal vulnerability exists in the api open_personality_folder endpoint of parisneo/lollms-webui. This vulnerability allows an attacker to read any folder in the personality_folder on the victim\u0027s computer, even though sanitize_path is set. The issue arises due to improper sanitization of the personality_folder parameter, which can be exploited to traverse directories and access arbitrary files.", "id": "PYSEC-2024-122", "modified": "2024-11-15T20:23:01.816492+00:00", "published": "2024-10-11T16:15:00+00:00", "references": [ { "type": "EVIDENCE", "url": "https://huntr.com/bounties/79c11579-47d8-4e68-8466-b47c3bf5ef6a" }, { "type": "WEB", "url": "https://huntr.com/bounties/79c11579-47d8-4e68-8466-b47c3bf5ef6a" }, { "type": "FIX", "url": "https://github.com/parisneo/lollms/commit/28ee567a9a120967215ff19b96ab7515ce469620" } ], "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.