CVE-2024-13059
Published: 10 February 2025
Summary
CVE-2024-13059 is an uncategorised-severity Path Traversal: '\..\filename' (CWE-29) vulnerability in Mintplexlabs Anythingllm. Its CVSS base score is N/A.
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 1.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as Enterprise AI Assistants; in the Other ATLAS/OWASP Terms risk domain.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
SI-10 requires validation of incoming filenames to block path traversal sequences introduced by non-ASCII transformations in the multer library.
SI-2 ensures timely remediation of the path traversal flaw by applying vendor patches such as upgrading to Anything-LLM version 1.3.1.
SI-9 restricts file upload inputs to safe filename patterns, rejecting those with potential traversal characters like '../'.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The path traversal enables an arbitrary file write that can lead to RCE in a public-facing web application, which maps directly to Exploit Public-Facing Application (T1190).
NVD Description
A vulnerability in mintplex-labs/anything-llm prior to version 1.3.1 allows for path traversal due to improper handling of non-ASCII filenames in the multer library. This vulnerability can lead to arbitrary file write, which can subsequently result in remote code execution. The issue arises when the filename transformation introduces '../' sequences, which are not sanitized by multer, allowing attackers with manager or admin roles to write files to arbitrary locations on the server.
Deeper analysis
CVE-2024-13059 is a path traversal vulnerability (CWE-22, CWE-29) affecting mintplex-labs/anything-llm versions prior to 1.3.1. The issue stems from improper handling of non-ASCII filenames in the multer library, where filename transformations can introduce unsanitized '../' sequences. This enables arbitrary file writes on the server, potentially leading to remote code execution.
Attackers with manager or admin roles can exploit this vulnerability by uploading files with specially crafted non-ASCII filenames. The lack of sanitization in multer allows traversal to arbitrary server locations, enabling file overwrites or placements that facilitate remote code execution.
Mitigation involves upgrading to version 1.3.1 or later, as detailed in the project's GitHub commit fixing the issue. The vulnerability was reported via Huntr, confirming the patch addresses the filename handling flaw in multer.
This vulnerability affects Anything-LLM, an open-source tool for interacting with large language models, highlighting path traversal risks in AI/ML web applications handling file uploads. No public evidence of real-world exploitation has been reported as of the CVE publication on 2025-02-10.
Details
- CWE(s)
Affected Products
AI Security Analysis
- AI Category: Enterprise AI Assistants
- Risk Domain: Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: mintplex-labs/anything-llm is an open-source AI application/platform for document chatting and RAG with LLMs, fitting the Enterprise AI Assistants category. The vulnerability is a path traversal in file upload handling (multer), reported on an AI/ML bug bounty platform.