CVE-2024-2358
Published: 16 May 2024
Summary
CVE-2024-2358 is a critical-severity Path Traversal: '\..\filename' (CWE-29) vulnerability in Lollms Web UI (vendor: Lollms; project parisneo/lollms-webui). Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 12.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as Other Platforms; in the Other ATLAS/OWASP Terms risk domain; MITRE ATLAS techniques in scope: Hardware (AML.T0010.000), Infer Training Data Membership (AML.T0024.000), AML.T0040.000.
Deeper analysis
A path traversal vulnerability exists in the /apply_settings endpoint of the parisneo/lollms-webui project. The flaw stems from missing sanitization of the extensions parameter in configuration settings, which permits relative path sequences such as ../../../. This allows the application to load and execute an attacker-supplied __init__.py file from arbitrary directories, resulting in remote code execution. The issue affects the latest version of the software and carries a CVSS 3.0 score of 9.8.
Unauthenticated remote attackers can exploit the vulnerability by submitting a crafted payload to the affected endpoint. Successful exploitation grants the ability to run arbitrary code on the server with the privileges of the web application process, potentially leading to full system compromise.
The provided references point to a Huntr bounty report but contain no explicit mitigation guidance or patch details. The EPSS score rose from a low baseline to a peak of 0.0624 on 2025-12-11 before receding to the current value of 0.0316, indicating a temporary increase in exploitation interest after public disclosure.
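As an added illustration (not code from lollms-webui or from the bounty report), the weak join pattern the report describes sits beside a hardened resolver that allow-lists extension names and independently confirms the resolved directory is still inside the extensions root before anything is imported from it; the root path and the sample settings list are constructed placeholders.

```python
import os
import re
from pathlib import Path
from typing import Dict, List, Optional

# Allow-list: an extension name is one plain path component (no separators,
# no dots), so "..", "../x", "a/b" and absolute paths are refused up front.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_][A-Za-z0-9_-]{0,63}$")


def naive_extension_dir(root: str, name: str) -> str:
    """The weak pattern: join the user-supplied name onto the root with no
    validation. A name carrying '../' segments normalises to a directory
    outside root, and whatever __init__.py lives there would be imported."""
    return os.path.normpath(os.path.join(root, name))


def resolve_extension_dir(root: str, name: str) -> Optional[str]:
    """Hardened resolution: allow-list the name, then confirm that the fully
    resolved directory is still under root (defence in depth: catches symlinks
    and anything the regex might miss). Returns the directory to load from,
    or None when the name must be refused."""
    root_path = Path(root).resolve()
    if not SAFE_NAME.fullmatch(name):
        return None
    candidate = (root_path / name).resolve()
    try:
        candidate.relative_to(root_path)  # raises if candidate escaped root
    except ValueError:
        return None
    return str(candidate)


def check_extensions_setting(root: str, names: List[str]) -> Dict[str, List[str]]:
    """Validate the whole 'extensions' list of a settings update before any
    of it is acted on; a request with any rejected entry should be refused."""
    result: Dict[str, List[str]] = {"accepted": [], "rejected": []}
    for name in names:
        bucket = "accepted" if resolve_extension_dir(root, name) else "rejected"
        result[bucket].append(name)
    return result


if __name__ == "__main__":
    # Constructed sample settings payload; hypothetical extensions directory.
    ROOT = "/srv/app/extensions"
    sample = ["my_ext", "../../../outside", "/etc", "ok-ext_2", "a/b"]
    print(check_extensions_setting(ROOT, sample))
```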
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-27311
Vulnerability details
A path traversal vulnerability in the '/apply_settings' endpoint of parisneo/lollms-webui allows attackers to execute arbitrary code. The vulnerability arises due to insufficient sanitization of user-supplied input in the configuration settings, specifically within the 'extensions' parameter. Attackers can exploit this by crafting a payload that includes relative path traversal sequences ('../../../'), enabling them to navigate to arbitrary directories. This flaw subsequently allows the server to load and execute a malicious '__init__.py' file, leading to remote code execution. The issue affects the latest version of parisneo/lollms-webui.
- CWE(s): CWE-29 Path Traversal: '\..\filename'
AI Security Analysis
- AI Category: Other Platforms
- Risk Domain: Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: parisneo/lollms-webui is a web user interface platform for running and interacting with large language models (LLMs) locally, fitting under 'Other Platforms' as it is an AI/ML hosting and deployment platform, confirmed by its inclusion in an AI/ML bug bounty program.
Related Threats
MITRE ATT&CK Enterprise Techniques
- T1190 Exploit Public-Facing Application
- T1059.006 Command and Scripting Interpreter: Python
Why these techniques?
Path traversal in the web endpoint '/apply_settings' enables remote code execution via loading a malicious Python '__init__.py', mapping to T1190 (Exploit Public-Facing Application) and T1059.006 (Python).
MITRE ATLAS Techniques
- AML.T0010.000 Hardware
- AML.T0024.000 Infer Training Data Membership
- AML.T0040.000
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.