PT-2024-18381 · Parisneo · Lollms-Webui

Published: 2024-06-06 · Updated: 2025-10-15 · CVE-2024-1873

CVSS v3.1: 9.1 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions: parisneo/lollms-webui version a9d16b0

Description: The issue stems from an exposed /select database endpoint that does not validate file paths, so a caller can pass an absolute path when interacting with the DiscussionsDB instance. This lets an attacker create directories anywhere on the system where the application has write permission, which can lead to denial of service when the created directories carry the names of critical files. An attacker can also repoint the database path, causing loss of client data by repeatedly moving the file location to an attacker-controlled location.

Recommendations: For version a9d16b0, consider disabling access to the /select database endpoint until a patch is available, to prevent path traversal. Restrict the application's filesystem permissions to limit the impact of directories being created in critical locations. Do not pass untrusted input to the DiscussionsDB instance, to prevent data loss.
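A containment check of the kind the recommendations call for, added here as an illustration; it is not lollms-webui's own code, and the root directory, function names and sample inputs are assumptions:

```python
from pathlib import Path

# Added example, not lollms-webui's own code: confine a client-supplied
# database name to a fixed discussions directory. DB_ROOT and the function
# names are assumptions.
DB_ROOT = Path("/var/lib/lollms/discussions")  # assumed base directory


class UnsafeDatabasePath(ValueError):
    """Raised when a requested path would land outside DB_ROOT."""


def safe_db_path(requested: str, root: Path = DB_ROOT) -> Path:
    """Resolve `requested` under `root`, or raise UnsafeDatabasePath.

    Rejects empty names, absolute paths and '..' components (the inputs the
    advisory describes), then re-checks containment on the fully resolved
    path so a symlink inside the root cannot escape it either.
    """
    if not requested or not requested.strip():
        raise UnsafeDatabasePath("empty database name")
    candidate = Path(requested)
    if candidate.is_absolute():
        raise UnsafeDatabasePath(f"absolute path rejected: {requested!r}")
    if ".." in candidate.parts:
        raise UnsafeDatabasePath(f"parent reference rejected: {requested!r}")
    root_resolved = root.resolve()
    target = (root_resolved / candidate).resolve()
    try:
        target.relative_to(root_resolved)
    except ValueError as exc:
        raise UnsafeDatabasePath(f"escapes root: {requested!r}") from exc
    if target.suffix != ".db":
        raise UnsafeDatabasePath(f"not a .db file: {requested!r}")
    return target


def classify(requests):
    """Split constructed sample inputs into (accepted, rejected) lists."""
    accepted, rejected = [], []
    for name in requests:
        try:
            rel = safe_db_path(name).relative_to(DB_ROOT.resolve())
            accepted.append(rel.as_posix())
        except UnsafeDatabasePath:
            rejected.append(name)
    return accepted, rejected


if __name__ == "__main__":
    # Constructed inputs; the last two are the shapes the advisory warns about.
    print(classify(["default.db", "alice/work.db", "/etc/cron.d/x.db", "../../tmp/x.db"]))
```

Only paths that resolve beneath the fixed root are returned, so the endpoint can never create directories or place the database file outside that directory.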

Tags: Fix · DoS · Path traversal

Weakness Enumeration

Related Identifiers: CVE-2024-1873

Affected Products: Lollms-Webui