CVE-2024-4078
Published: 16 May 2024
Summary
CVE-2024-4078 is a critical-severity Command Injection (CWE-77) vulnerability. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 6.9% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-4078 is a path traversal vulnerability in the parisneo/lollms project that permits arbitrary code execution. It resides in the /unInstall_binding endpoint, where the unInstall_binding function fails to sanitize the name parameter, allowing an attacker to traverse directories and load a malicious __init__.py file. The flaw affects the latest version of the software and carries a CVSS 3.0 base score of 9.8.
Unauthenticated remote attackers can exploit the issue over the network by supplying a crafted name value, resulting in remote code execution with full confidentiality, integrity, and availability impact on the host system. The weakness is tracked as CWE-77.
Public references include a GitHub commit that addresses the flaw by adding proper path sanitization and a corresponding huntr.dev bounty report that details the discovery.
The EPSS score stands at 0.0976 with no material increase from its recorded peak.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-1729
Vulnerability details
A vulnerability in the parisneo/lollms, specifically in the `/unInstall_binding` endpoint, allows for arbitrary code execution due to insufficient sanitization of user input. The issue arises from the lack of path sanitization when handling the `name` parameter in the `unInstall_binding` function, allowing an attacker to traverse directories and execute arbitrary code by loading a malicious `__init__.py` file. This vulnerability affects the latest version of the software. The exploitation of this vulnerability could lead to remote code execution on the system where parisneo/lollms is deployed.
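The root cause described above (a user-controlled `name` joined onto a bindings directory without sanitization) is a common pattern, and the mitigating control is equally generic: allowlist the name and confirm the resolved path stays inside the intended root before touching the filesystem. The following is an added illustration written for this page, not code from the parisneo/lollms project or from its fixing commit; `BINDINGS_ROOT`, the function names and the sample inputs are assumptions constructed here.

```python
from pathlib import Path
import re

# Hypothetical bindings root, constructed for this example; a real
# deployment would use its configured bindings directory.
BINDINGS_ROOT = Path("/opt/lollms/bindings")

# Binding names are expected to be plain identifiers: letters, digits,
# underscore and hyphen. Slashes, dots and NUL bytes are refused before
# the value reaches any path operation.
_NAME_RE = re.compile(r"^[A-Za-z0-9_-]{1,64}$")


def unsafe_binding_dir(root: Path, name: str) -> Path:
    """The vulnerable pattern: join the user-supplied name onto the root.
    pathlib drops `root` entirely when `name` is absolute, and '..'
    segments walk out of the root, so any directory on disk can be chosen."""
    return root / name


def safe_binding_dir(root: Path, name: str) -> Path:
    """Hardened version: allowlist the name, then verify that the resolved
    path is still inside the bindings root (defence in depth)."""
    if not _NAME_RE.fullmatch(name):
        raise ValueError(f"invalid binding name: {name!r}")
    root_resolved = root.resolve()
    target = (root_resolved / name).resolve()
    # relative_to raises ValueError when target is not under root_resolved
    try:
        target.relative_to(root_resolved)
    except ValueError:
        raise ValueError(f"binding path escapes bindings root: {name!r}") from None
    if target == root_resolved:
        raise ValueError("binding name resolves to the root itself")
    return target


def escapes_root(root: Path, name: str) -> bool:
    """True when the unsafe join would land outside the root; used only to
    show why the containment check in safe_binding_dir matters."""
    root_resolved = root.resolve()
    target = unsafe_binding_dir(root_resolved, name).resolve()
    try:
        target.relative_to(root_resolved)
        return False
    except ValueError:
        return True


def is_accepted(name: str, root: Path = BINDINGS_ROOT) -> bool:
    """Convenience wrapper: does the hardened check accept this name?"""
    try:
        safe_binding_dir(root, name)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample inputs: one legitimate name, two traversal attempts.
    for candidate in ("ollama", "../../tmp/elsewhere", "/tmp/elsewhere"):
        print(f"{candidate!r}: unsafe join escapes root = "
              f"{escapes_root(BINDINGS_ROOT, candidate)}, "
              f"hardened check accepts = {is_accepted(candidate)}")
```

The allowlist alone would already stop the traversal; the `resolve()` plus `relative_to()` containment check is kept as a second layer so that a later relaxation of the regex (say, to allow dots in names) does not silently reopen the hole. Detection on an existing deployment is straightforward: log and alert on requests to `/unInstall_binding` whose `name` value contains `/`, `\`, or `..`.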
- CWE(s): CWE-77 (Command Injection)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.