CVE-2024-1646

Authentication Bypass Using an Alternate Path or Channel (CWE-288)

Published: Apr 16, 2024 / Updated: 7mo ago

CVSS: not yet assigned / EPSS: 0.04%

parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over sensitive endpoints. Before serving these endpoints the application only checks that the configured host parameter is not '0.0.0.0', treating any other bind address as "local-only". That check is inadequate when the application is bound to a specific interface address (for example a LAN address): every host that can reach that interface can call endpoints such as '/restart_program', '/update_software', '/check_update', '/start_recording', and '/stop_recording' without authenticating. This vulnerability can lead to denial of service, unauthorized disabling or overriding of recordings, and potentially other impacts if certain features are enabled in the configuration.
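The two guards below are an added example, not lollms-webui's own code. They contrast the flawed pattern the advisory describes (a single check on the bind address) with a per-request guard that decides based on who is calling. The endpoint names are those listed in the advisory; the `Request` stand-in, the token header, the guard function names and the IP addresses are assumptions constructed for the example.

```python
import hmac
import ipaddress
from dataclasses import dataclass
from typing import Dict, Optional

# Endpoints named in the advisory as reachable without authentication.
SENSITIVE_ENDPOINTS = {
    "/restart_program", "/update_software", "/check_update",
    "/start_recording", "/stop_recording",
}


@dataclass
class Request:
    """Constructed stand-in for an incoming HTTP request (not a real framework object)."""
    path: str
    peer_ip: str                 # TCP peer address taken from the socket, not from a header
    token: Optional[str] = None  # value of a hypothetical admin token header, if any


def vulnerable_allows(config_host: str, req: Request) -> bool:
    """The flawed pattern from the advisory: 'not bound to 0.0.0.0' is treated as
    'only local users can reach us', and the caller is never examined."""
    if req.path not in SENSITIVE_ENDPOINTS:
        return True
    return config_host != "0.0.0.0"


def hardened_allows(req: Request, expected_token: str) -> bool:
    """Per-request guard: the decision depends on the caller, not on the bind address.
    Loopback peers are trusted as the local operator; anyone else must present the
    configured token, compared in constant time. Unparsable peers fail closed."""
    if req.path not in SENSITIVE_ENDPOINTS:
        return True
    try:
        peer = ipaddress.ip_address(req.peer_ip)
    except ValueError:
        return False
    if peer.is_loopback:
        return True
    if req.token is None:
        return False
    return hmac.compare_digest(req.token.encode(), expected_token.encode())


def run_scenario() -> Dict[str, bool]:
    """Bind the app to a constructed LAN interface address and replay constructed
    requests through both guards; returns which ones each guard lets through."""
    bind_host = "192.168.1.10"
    expected_token = "constructed-admin-token"
    lan_attacker = Request("/restart_program", "192.168.1.50")
    local_user = Request("/stop_recording", "127.0.0.1")
    remote_admin = Request("/update_software", "10.0.0.5", token=expected_token)
    wrong_token = Request("/update_software", "10.0.0.5", token="guess")
    return {
        # The bypass: bound to a LAN address, so the flawed check passes any LAN host.
        "vulnerable_lan_attacker": vulnerable_allows(bind_host, lan_attacker),
        # The only case the original check covers.
        "vulnerable_on_0000": vulnerable_allows("0.0.0.0", lan_attacker),
        "hardened_lan_attacker": hardened_allows(lan_attacker, expected_token),
        "hardened_local_user": hardened_allows(local_user, expected_token),
        "hardened_remote_admin": hardened_allows(remote_admin, expected_token),
        "hardened_wrong_token": hardened_allows(wrong_token, expected_token),
    }


if __name__ == "__main__":
    for name, allowed in run_scenario().items():
        print(f"{name}: {'allowed' if allowed else 'denied'}")
```

The peer address must come from the accepted socket; behind a reverse proxy an `X-Forwarded-For` header is attacker-controlled unless the proxy is trusted and overwrites it, so a loopback peer seen from the proxy would otherwise vouch for every external client. `ipaddress.ip_address` also recognises `::1` as loopback, so the guard behaves the same on an IPv6 bind.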

Timeline

CVE Assignment

NVD published the first details for CVE-2024-1646

Apr 16, 2024 at 12:15 AM
First Article

Feedly found the first article mentioning CVE-2024-1646. See article

Apr 16, 2024 at 12:21 AM / National Vulnerability Database
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Apr 16, 2024 at 12:21 AM
EPSS

EPSS Score was set to: 0.04% (Percentile: 8.1%)

Apr 16, 2024 at 9:40 AM

Links to MITRE ATT&CK

T1083: File and Directory Discovery

Attack Patterns

CAPEC-127: Directory Indexing

References

Latest vulnerabilities [Tuesday, April 16, 2024]
A path traversal vulnerability exists in the `_create_model_version()` function within `server/handlers.py` of the mlflow/mlflow repository, due to improper validation of the `source` parameter. Attackers can exploit this vulnerability by crafting a `source` parameter that bypasses the `_validate_non_local_source_contains_relative_paths(source)` function's checks, allowing for arbitrary file read access on the server.

News

michenriksen starred timothee-chauvin/eyeballvul
eyeballvul is an open-source benchmark designed to enable the evaluation of SAST vulnerability detection tools, especially ones based on language models. While most benchmarks eventually make it into the training data of language models, eyeballvul is designed to be future-proof: it is updated weekly from the stream of CVEs in open-source repositories.
eyeballvul added to PyPI
eyeballvul is an open-source benchmark designed to enable the evaluation of SAST vulnerability detection tools, especially ones based on language models, and built to be future-proof. It compares the results of the SAST tool with the list of known vulnerabilities for each commit, especially the ones that were published after the training data cutoff.
48 Vulnerabilities Uncovered In AI systems : Surge By 220%
This vulnerability allows remote attackers to execute arbitrary code on, and thereby compromise, the server hosting PyTorch Serve.
NA - CVE-2024-1646 - parisneo/lollms-webui is vulnerable to...
parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over sensitive endpoints. The application checks if the host parameter is not '0.0.0.0' to...
CVE-2024-1646 | parisneo lollms-webui up to 9.2 Endpoint /restart_program host authentication bypass
A vulnerability was found in parisneo lollms-webui up to 9.2. It has been declared as critical. This vulnerability affects unknown code of the file /restart_program of the component Endpoint. The manipulation of the argument host leads to authentication bypass using alternate channel. This vulnerability was named CVE-2024-1646. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

CVSS V3.1

Unknown
