CVE-2024-9920

High CVSS: 8.8

In version v12 of parisneo/lollms-webui, the 'Send file to AL' function allows uploading files with various extensions, including potentially dangerous ones like .py, .sh, .bat, and more. Attackers can exploit this by uploading files with malicious content and then using the '/open_file' API endpoint to execute these files. The vulnerability arises from the use of 'subprocess.Popen' to open files without proper validation, leading to potential remote code execution.

Vendor

Lollms

Product

Lollms Web Ui

CWE

CWE-434

Yayın Tarihi

2025-03-20 10:15:50

Güncelleme

2025-04-03 18:02:58

Source Identifier

security@huntr.dev

KEV Date Added

Kategoriler

CWE-434 Lollms Web Ui HIGH Lollms 2025

Referanslar

https://huntr.com/bounties/c70c6732-23b3-4ef8-aec6-0a47467d1ed5

Benzer Kayıtlar

High

CVE-2026-0560

A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 2.2.0, specifically in th…

High

CVE-2026-0562

A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated user to accept or rej…

Critical

CVE-2026-0558

A vulnerability in parisneo/lollms, up to and including version 2.2.0, allows unauthenticated users to upload and proces…

High

CVE-2025-1451

A vulnerability in parisneo/lollms-webui v13 arises from the server's handling of multipart boundaries in file uploads.…

High

CVE-2024-9919

A missing authentication check in the uninstall endpoint of parisneo/lollms-webui V13 allows attackers to perform unauth…

Critical

CVE-2024-8898

A path traversal vulnerability exists in the `install` and `uninstall` API endpoints of parisneo/lollms-webui version V1…