CVE-2024-3126
Published: 16 May 2024
Summary
CVE-2024-3126 is a high-severity OS Command Injection (CWE-78) vulnerability in Lollms Lollms Web Ui. Its CVSS base score is 8.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter (T1059); ranked in the top 15.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as Other Platforms; in the Other ATLAS/OWASP Terms risk domain; MITRE ATLAS techniques in scope: AI Model Inference API Access (AML.T0040), Craft Adversarial Data (AML.T0043), Establish Accounts (AML.T0021).
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-31727
Vulnerability details
A command injection vulnerability exists in the 'run_xtts_api_server' function of the parisneo/lollms-webui application, specifically within the 'lollms_xtts.py' script. The vulnerability arises due to the improper neutralization of special elements used in an OS command. The affected function utilizes 'subprocess.Popen' to…
more
execute a command constructed with a Python f-string, without adequately sanitizing the 'xtts_base_url' input. This flaw allows attackers to execute arbitrary commands remotely by manipulating the 'xtts_base_url' parameter. The vulnerability affects versions up to and including the latest version before 9.5. Successful exploitation could lead to arbitrary remote code execution (RCE) on the system where the application is deployed.
- CWE(s)
AI Security AnalysisAI
- AI Category
- Other Platforms
- Risk Domain
- Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- The vulnerability is in parisneo/lollms-webui, an open-source web UI platform for running large language models (LLMs) and multimodal models like XTTS (text-to-speech), fitting 'Other Platforms' as a hosting/running platform for AI models.
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The command injection vulnerability in the web application's API server enables remote code execution (RCE) by abusing the OS command interpreter (T1059) and exploits a public-facing application (T1190).
MITRE ATLAS TechniquesAI
MITRE ATLAS techniques
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.