CVE-2024-2361 Information

Description

A vulnerability in the parisneo/lollms-webui allows for arbitrary file upload and read due to insufficient sanitization of user-supplied input. Specifically the issue resides in the install_model() function within lollms_core/lollms/binding.py where the application fails to properly sanitize the file:// protocol and other inputs leading to arbitrary read and upload capabilities. Attackers can exploit this vulnerability by manipulating the path and variant_name parameters to achieve path traversal allowing for the reading of arbitrary files and uploading files to arbitrary locations on the server. This vulnerability affects the latest version of parisneo/lollms-webui.

Reference

https://huntr.com/bounties/cd383817-924a-445a-838e-d0c867c6a176