CVE-2024-8982

NONE EPSS 50.3%
Published Mar 20, 20251y ago · Modified Jun 17, 20261w ago
Find Similar
Published Mar 20, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

A Local File Inclusion (LFI) vulnerability in OpenLLM version 0.6.10 allows attackers to include files from the local server through the web application. This flaw could expose internal server files and potentially sensitive information such as configuration files, passwords, and other critical data. Unauthorized access to critical server files, such as configuration files, user credentials (/etc/passwd), and private keys, can lead to a complete compromise of the system's security. Attackers could leverage the exposed information to further penetrate the network, exfiltrate data, or escalate privileges within the environment.

Threat Intelligence

EPSS Exploit Probability
50.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-29

References 1

  • huntr.com https://huntr.com/bounties/b7bdc9a1-51ac-402a-8e6e-0d977699aca6

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.