CVE Radar
CVE-2024-4841
- Severity: Medium
- Product: Lollms
- SVRS: 30
- CVSSv3: 3.3
- EPSS: 0.00674
- Tags: In The Wild
- Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- Publication date: 2024-06-23
- Last modified: 2024-08-01
Security Intelligence Brief
What is this vulnerability and why does it matter?
This is a Path Traversal vulnerability, identified as CVE-2024-4841, affecting the parisneo/lollms-webui application. Specifically, the vulnerability resides within the 'add_reference_to_local_mode' function. The core issue is a lack of input sanitization, which allows an attacker to manipulate the 'path' parameter in HTTP requests to the '/add_reference_to_local_model' endpoint. This vulnerability matters because it enables an attacker to predict, or discover, the existence of folders, subfolders, and files on the victim's computer, leading to information disclosure. Such information can be leveraged for further attacks or to gain a deeper understanding of the target system's structure.
What are the CVSS score, severity level, and disclosure details?
The CVSS score for CVE-2024-4841 is 3.3. According to the CVSS v3.x scoring system, this score indicates a Low severity level. The vulnerability was publicly disclosed and published on 2024-06-23 14:33:33. The information related to this CVE was last modified on 2024-08-01 20:55:10.
Which products, vendors, systems, and versions are affected?
- Product: parisneo/lollms-webui
- Vendor: parisneo
- Affected Versions: This vulnerability affects versions from v9.6 up to the latest version at the time of disclosure.
- Systems: The vulnerability affects systems running the parisneo/lollms-webui application.
What is the technical root cause and attack vector?
The technical root cause of this vulnerability is the insufficient input sanitization within the 'add_reference_to_local_mode' function of the parisneo/lollms-webui. Specifically, the application fails to properly neutralize or sanitize the 'path' parameter when it is included in HTTP requests. The attack vector involves an attacker crafting malicious HTTP requests directed at the '/add_reference_to_local_model' endpoint, manipulating the 'path' parameter to traverse directory structures on the victim's system.
How can this vulnerability be exploited?
This vulnerability can be exploited by an attacker sending specially crafted HTTP requests to the '/add_reference_to_local_model' endpoint of the vulnerable parisneo/lollms-webui application. By manipulating the 'path' parameter within these requests, the attacker can submit directory traversal sequences (e.g., "../" or "..\") to query arbitrary locations on the file system. Although the description states the impact as "predicting" folders and files, this implies the ability to ascertain the existence or non-existence of paths on the server, which is a form of information disclosure.
How can vulnerable systems be detected?
Vulnerable systems can be detected by identifying the version of the parisneo/lollms-webui application in use. Any installation of parisneo/lollms-webui with a version number from v9.6 up to the latest version (as of the disclosure date of CVE-2024-4841) is considered vulnerable. Administrators should check the application's installed version or source code for the 'add_reference_to_local_mode' function and examine its handling of the 'path' parameter within HTTP requests to the '/add_reference_to_local_model' endpoint for proper input sanitization.
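The root cause described above (a user-controlled 'path' parameter joined onto a local directory without containment checks) and the review step just mentioned (examining how the 'path' parameter is handled) are illustrated by the following added example. It is not code from parisneo/lollms-webui; the function and response names, the models directory and the constructed directory tree are assumptions made for this illustration. The hardened check resolves the candidate path and requires it to remain inside the configured root, and it answers every rejected path with the same response regardless of whether that path exists, so the endpoint cannot be used as an existence oracle for locations outside the root:

```python
import os
import tempfile
from pathlib import Path
from typing import Optional


def resolve_within_root(root: Path, user_path: str) -> Optional[Path]:
    """Resolve user_path against root and return it only if it stays inside root.

    Path.resolve() collapses '..' segments and follows symlinks, so both a
    '../../etc/passwd' string and a symlink that points outside root are
    rejected. An absolute user path replaces root when joined, so it is
    caught by the same containment check.
    """
    # Conservative policy (an assumption of this example): reject NUL bytes and
    # backslashes outright, so Windows-style '..\\' sequences cannot pass as
    # ordinary file names on POSIX and then act as separators on Windows.
    if "\x00" in user_path or "\\" in user_path:
        return None
    root_resolved = root.resolve()
    candidate = (root_resolved / user_path).resolve()
    try:
        candidate.relative_to(root_resolved)
    except ValueError:
        return None
    return candidate


def add_local_reference(root: Path, user_path: str) -> dict:
    """Hardened handler sketch (hypothetical name, not the project's code).

    A rejected path gets the same response whether or not it exists on disk.
    Inside the root, reporting a missing file is intended behaviour.
    """
    target = resolve_within_root(root, user_path)
    if target is None:
        return {"status": False, "error": "invalid path"}
    if not target.is_file():
        return {"status": False, "error": "model file not found"}
    return {"status": True, "path": str(target.relative_to(root.resolve()))}


def demo() -> dict:
    """Build a constructed directory tree and exercise the handler."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        root = base / "models"
        (root / "llama").mkdir(parents=True)
        (root / "llama" / "weights.bin").write_text("constructed model file")
        secret = base / "secret.txt"
        secret.write_text("constructed file outside the models directory")
        # Symlink inside the root that points outside it.
        os.symlink(secret, root / "link_to_secret")
        return {
            "inside_ok": add_local_reference(root, "llama/weights.bin"),
            "inside_missing": add_local_reference(root, "llama/missing.bin"),
            "dotdot_existing": add_local_reference(root, "../secret.txt"),
            "dotdot_missing": add_local_reference(root, "../does_not_exist"),
            "absolute": add_local_reference(root, str(secret)),
            "backslash": add_local_reference(root, "..\\secret.txt"),
            "symlink_escape": add_local_reference(root, "link_to_secret"),
        }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:16} -> {result}")
```

When reviewing a deployment, the two properties worth confirming are the ones `demo()` exercises: a traversal sequence, an absolute path and a symlink out of the root are all refused, and the refusal looks identical for a target that exists and one that does not.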
What public intelligence references and advisories exist?
The primary public intelligence reference for this vulnerability is its CVE identifier: CVE-2024-4841.
What is the risk assessment and urgency level?
The risk associated with CVE-2024-4841 is assessed as Moderate, despite its Low CVSS score of 3.3. While the direct impact is described as "predicting" file system structures (information disclosure), this type of vulnerability can often serve as a preliminary step in more complex attack chains. The ability to map a server's directory structure can help attackers discover sensitive files, configuration files, or other vulnerable assets, potentially leading to further exploitation such as remote code execution or data exfiltration. The urgency level to address this vulnerability is Moderate. Given that it affects versions up to "latest" at the time of disclosure, systems are continually at risk until a patch is applied or effective mitigation is implemented. Organizations using parisneo/lollms-webui should prioritize reviewing their deployments and seeking official updates or workarounds.