A path traversal vulnerability exists in the `install` and `uninstall` API endpoints of parisneo/lollms-webui version V12 (Strawberry). This vulnerability allows attackers to create or delete directories with arbitrary paths on the system. The issue arises due to insufficient sanitization of user-supplied input, which can be exploited to traverse directories outside the intended path.
The vulnerability results from insufficient input data sanitization provided by the user in the API endpoints `install` and `uninstall`. An attacker can craft a request containing path traversal sequences (e.g., `../`), which cause exit from the intended target directory. As a result, the application processes paths outside the permitted file system area, allowing manipulation of directory structure on the server.
An unauthenticated attacker can create or delete directories in arbitrary locations on the server, which may lead to system integrity violation, deletion of critical data, or disruption of application and operating system functionality.
Update lollms-webui to a version containing the fix available in commit 6d07c8a0dd0a15cc060becc73fda9fe8e788eb23 in the manufacturer's GitHub repository. Apply patches available from the vendor according to references.
parisneo/lollms-webui version V12 (Strawberry)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HLollms Web Ui
APPLollms12
Related vulnerabilities
SSRF i brak uwierzytelnienia w lollms-webui — dostęp do wewnętrznych zasobów
Path Traversal w lollms-webui umożliwia usunięcie dowolnego pliku
Path Traversal i DoS w endpoint /select_database aplikacji lollms-webui
Command Injection w lollms-webui — obejście zabezpieczeń i RCE
Path Traversal prowadzący do RCE w parisneo/lollms-webui