CVE-2024-6971

Severity: Medium · EPSS 23.3%
Published Oct 11, 2024 (1y ago) · Modified Jun 17, 2026 (1w ago)
CVSS 3.1 base score: 4.4 (Medium)

Description

A path traversal vulnerability exists in the parisneo/lollms-webui repository, specifically in the `lollms_file_system.py` file. The functions `add_rag_database`, `toggle_mount_rag_database`, and `vectorize_folder` do not implement security measures such as `sanitize_path_from_endpoint` or `sanitize_path`. This allows an attacker to perform vectorize operations on `.sqlite` files in any directory on the victim's computer, potentially installing multiple packages and causing a crash.
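As an added illustration (not code from lollms-webui), the containment check that a `sanitize_path`-style helper has to perform before an endpoint such as `vectorize_folder` walks a user-supplied directory. The helper, the hardened endpoint and the sample directory tree are all constructed here; it assumes Python 3.9+ for `Path.is_relative_to`.

```python
import tempfile
from pathlib import Path


class PathOutsideRoot(ValueError):
    """Raised when a requested path does not stay inside the allowed root."""


def sanitize_path(requested: str, root: Path) -> Path:
    """Resolve `requested` against `root` and refuse anything that escapes it.

    Hypothetical defensive helper, not lollms-webui's own sanitize_path.
    resolve() collapses '..' and follows symlinks before the containment
    check, so 'x/../../etc', absolute paths and symlink escapes are all caught.
    """
    root = root.resolve()
    candidate = (root / requested).resolve()  # an absolute `requested` replaces root here
    if not candidate.is_relative_to(root):    # Python 3.9+
        raise PathOutsideRoot(f"{requested!r} resolves outside {root}")
    return candidate


def vectorize_folder(root: Path, folder: str) -> list[str]:
    """Hardened shape of the endpoint: containment is enforced before any walk.

    Returns root-relative paths of the .sqlite files that would be vectorized.
    The unchecked shape would call Path(folder).rglob() on the raw user input.
    """
    target = sanitize_path(folder, root)
    return sorted(p.relative_to(root).as_posix() for p in target.rglob("*.sqlite"))


def demo() -> dict:
    """Build a constructed tree in a temp dir and exercise accepted/rejected cases."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "rag_root"
        (root / "dbs").mkdir(parents=True)
        (root / "dbs" / "notes.sqlite").write_bytes(b"")
        outside = Path(tmp) / "victim"          # constructed directory outside the root
        outside.mkdir()
        (outside / "secret.sqlite").write_bytes(b"")
        result = {"inside": vectorize_folder(root, "dbs")}
        attempts = {"../victim": "../victim", "dbs/../../victim": "dbs/../../victim",
                    "absolute": str(outside)}
        for label, path in attempts.items():
            try:
                vectorize_folder(root, path)
                result[label] = "ACCEPTED"
            except PathOutsideRoot:
                result[label] = "rejected"
        return result


if __name__ == "__main__":
    print(demo())
```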

CVSS Details

Base Score
4.4
Exploitability
0.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
23.3% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-22 Path Traversal Resource Mgmt

Affected Products 1

Vendor    Product        Version  Range
lollms    lollms-webui   9.8      any

References 1

  • huntr.com https://huntr.com/bounties/fbfe7cd0-99fb-4305-bd07-8b573364109e
    Tags: Exploit, Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.