CVE-2024-4078
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the parisneo/lollms, specifically in the /unInstall_binding endpoint, allows for arbitrary code execution due to insufficient sanitization of user input. The issue arises from the lack of path sanitization when handling the name parameter in the unInstall_binding function, allowing an attacker to traverse directories and execute arbitrary code by loading a malicious __init__.py file. This vulnerability affects the latest version of the software. The exploitation of this vulnerability could lead to remote code execution on the system where parisneo/lollms is deployed.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| parisneo | parisneo/lollms | unspecified < main | affected |
Weaknesses
- CWE-77: CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
ADP Enrichment
CVE Program Container
Additional References
- https://huntr.com/bounties/a55a8c04-df44-49b2-bcfa-2a2b728a299d
- https://github.com/parisneo/lollms/commit/7ebe08da7e0026b155af4f7be1d6417bc64cf02f
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: total
References
- https://huntr.com/bounties/a55a8c04-df44-49b2-bcfa-2a2b728a299d
- https://github.com/parisneo/lollms/commit/7ebe08da7e0026b155af4f7be1d6417bc64cf02f
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.