CVE-2024-3025

Relative Path Traversal (CWE-23)

Published: Apr 10, 2024 / Updated: 7mo ago

Take action: If you are using anything-llm, zenml, pytorch/serve, bentoml, llama_index, qdrant, lollms-webui, localai, mlflow and lunary, review the list and plan to patch or update. The critical issues in the latest report include issues with anything-llm, zenml, pytorch/serve, bentoml, llama_index, qdrant, lollms-webui, localai, mlflow and lunary:

An attacker can use this vulnerability to run arbitrary code to compromise the server hosting PyTorch Serve. This vulnerability allows remote attackers to execute arbitrary code on the server.

mintplex-labs/anything-llm is vulnerable to path traversal attacks due to insufficient validation of user-supplied input in the logo filename functionality. Attackers can exploit this vulnerability by manipulating the logo filename to reference files outside of the restricted directory. This can CVE-2024-3025 originally published on CyberSecurityBoard

MINTPLEX-LABS MINTPLEX-LABS/ANYTHING-LLM CVE-2024-3025 CVE-2024-3025 Path Traversal in mintplex-labs/anything-llm mintplex-labs/anything-llm is vulnerable to path traversal attacks due to insufficient validation of user-supplied input in the logo filename functionality. Attackers can exploit this vulnerability by manipulating the logo filename to reference files outside of the restricted directory. This can lead to unauthorized reading or deletion of files by utilizing the `/api/system/upload-logo` and `/api/system/logo` endpoints. The issue stems from the lack of filtering or validation on the logo filename, allowing attackers to target sensitive files such as the application's database. https://www. cve.org/CVERecord?id=CVE-2024- 3025 https:// huntr.com/bounties/fb09a352-10 16-4481-ae88-7460e2b6062b https:// github.com/mintplex-labs/anyth ing-llm/commit/7de23dbb2da932fbfb39f56d981784d3702cf5ce # mintplex -labs # mintplex -labs/anything-llm # CVE_2024_3025 # bot

mintplex-labs/anything-llm is vulnerable to path traversal attacks due to insufficient validation of user-supplied input in the logo filename functionality. Attackers can exploit this vulnerability by manipulating the logo filename to reference files outside of the restricted directory. This can lead to unauthorized reading or deletion of files by utilizing the /api/system/upload-logo and /api/system/logo endpoints. The issue stems from the lack of filtering or validation on the logo filename, allowing attackers to target sensitive files such as the application's...