CRITICAL🇵🇱 Wersja polska

CVE-2024-41704

CVSS 9.8v3.1pub. 2024-07-22upd. 2024-11-21

LibreChat through 0.7.4-rc1 does not validate the normalized pathnames of images.

🤖 AI Analysis
How it works

An attacker can provide a specially crafted path to an image file that, after normalization (e.g., using '../' sequences), goes beyond the allowed application directory. The application does not verify whether the resulting path points to a resource located in the permitted area of the file system. This allows unauthorized access to any files on the server.

Impact

An unauthenticated attacker can read, and potentially also overwrite or delete any files accessible to the application process, leading to data confidentiality breach, system integrity violation, and potential complete loss of service availability.

Mitigation & patch

LibreChat should be updated to a version higher than 0.7.4-rc1, which introduced a fix for path validation (pull request #3363 in the vendor repository). It is also recommended to limit application process permissions to the minimum necessary and monitor access to the server file system.

Who is affected

LibreChat in versions up to and including 0.7.4-rc1

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Librechat

    APP
    Librechat
    0.7.4≤ 0.7.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2026-32625CRITICAL9.6PL ✓ten sam produkt

LibreChat: wyciek zmiennych środowiskowych przez konfigurację MCP

CVE-2026-22252CRITICAL9.1PL ✓ten sam produkt

LibreChat: RCE jako root przez MCP stdio transport bez walidacji poleceń

CVE-2025-69222CRITICAL9.1PL ✓ten sam produkt

SSRF w LibreChat — brak ograniczeń funkcji Actions w domyślnej konfiguracji

CVE-2024-10361CRITICAL9.1PL ✓ten sam produkt

LibreChat: path traversal umożliwiający usunięcie dowolnych plików

CVE-2024-41703CRITICAL9.8PL ✓ten sam produkt

LibreChat — nieprawidłowa kontrola dostępu przy aktualizacji wiadomości

CVE-2024-41704 — Librechat — CRITICAL — CVSS 9.8 | CVEbaza.pl