Cyber Posture

CVE-2025-1451

Severity: High · Public PoC

Published: 20 March 2025
Modified: 15 October 2025
KEV Added: not listed
Patch: none listed
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0057 (68.6th percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-1451 is a high-severity Allocation of Resources Without Limits or Throttling (CWE-770) vulnerability in Lollms Lollms Web Ui. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application Exhaustion Flood (T1499.003). The CVE ranks in the top 31.4% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

This vulnerability is AI-related: it is categorised under APIs and Models, in the Other ATLAS/OWASP Terms risk domain.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SC-6 (Resource Availability).

Threat & Defense at a Glance

What attackers do: exploitation maps to Application Exhaustion Flood (T1499.003) and one other technique, Application or System Exploitation (T1499.004). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

prevent: Enforces validation of multipart boundary lengths and appended characters in file upload requests, directly preventing resource exhaustion from malformed inputs.

prevent (SC-5, Denial-of-service Protection): Protects against denial-of-service events like resource exhaustion caused by oversized multipart boundaries in unauthenticated remote requests.

prevent (SC-6, Resource Availability): Ensures availability of server resources by implementing controls to mitigate exhaustion during processing of excessively long multipart boundaries.

MITRE ATT&CK Enterprise Techniques

T1499.003 Application Exhaustion Flood (Impact)
Adversaries may target resource intensive features of applications to cause a denial of service (DoS), denying availability to those applications.

T1499.004 Application or System Exploitation (Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

Why these techniques?

The vulnerability enables endpoint denial of service: crafted multipart file upload requests with excessively long boundaries exhaust server resources, which matches both the application exhaustion flood sub-technique and exploitation of the webui application itself.

NVD Description

A vulnerability in parisneo/lollms-webui v13 arises from the server's handling of multipart boundaries in file uploads. The server does not limit or validate the length of the boundary or the characters appended to it, allowing an attacker to craft requests with excessively long boundaries, leading to resource exhaustion and eventual denial of service (DoS). Despite an attempted patch in commit 483431bb, which blocked hyphen characters from being appended to the multipart boundary, the fix is insufficient. The server remains vulnerable if other characters (e.g., '4', 'a') are used instead of hyphens. This allows attackers to exploit the vulnerability using different characters, causing resource exhaustion and service unavailability.

Deeper analysis

CVE-2025-1451 is a vulnerability in parisneo/lollms-webui version 13, stemming from the server's improper handling of multipart boundaries in file uploads. The server does not limit or validate the length of the boundary or the characters appended to it, allowing attackers to craft requests with excessively long boundaries. This triggers resource exhaustion, leading to denial of service (DoS). An attempted patch in commit 483431bb blocks hyphen characters appended to the multipart boundary, but the fix is insufficient, as the server remains vulnerable when other characters such as '4' or 'a' are used. The issue carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and maps to CWE-770.

Remote attackers without authentication or privileges can exploit this vulnerability by sending specially crafted file upload requests featuring oversized multipart boundaries. Exploitation consumes excessive server resources, resulting in service unavailability and DoS, with no impact on confidentiality or integrity.

The Huntr advisory at https://huntr.com/bounties/63f5aea4-953b-4b38-9f10-3afe425be1d4 details the incomplete nature of the commit 483431bb patch and confirms ongoing vulnerability to non-hyphen characters. Practitioners should apply any subsequent patches, enforce strict multipart boundary validation, and monitor for resource usage anomalies until full mitigation is confirmed.
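The strict boundary validation recommended above, as an added defensive example that is not code from lollms-webui, the commit, or the advisory: it enforces the RFC 2046 limits on the declared boundary (1 to 70 characters from the permitted set) before any body bytes are parsed, and then rejects any delimiter line that carries appended characters, hyphens or otherwise, so the parser never has to scan past a malformed delimiter. The function names, the sample boundary, and the `build_body` fixture helper are constructed for this example and are not part of the project.

```python
import re
from typing import Optional, Tuple

# RFC 2046 section 5.1.1: a boundary is 1 to 70 characters drawn from letters,
# digits and '()+_,-./:=? plus space, and must not end with a space.
BOUNDARY_MAX_LEN = 70
_BCHARS_RE = re.compile(r"[0-9A-Za-z'()+_,\-./:=? ]+")
_BOUNDARY_PARAM_RE = re.compile(r';\s*boundary=(?:"([^"]*)"|([^;\s]*))', re.IGNORECASE)


def extract_boundary(content_type: str) -> Optional[str]:
    """Return the boundary parameter of a multipart Content-Type value, or None."""
    if not content_type.lower().startswith("multipart/"):
        return None
    m = _BOUNDARY_PARAM_RE.search(content_type)
    if m is None:
        return None
    return m.group(1) if m.group(1) is not None else m.group(2)


def validate_boundary(boundary: str) -> Tuple[bool, str]:
    """Reject an out-of-spec boundary before a single body byte is read."""
    if not boundary:
        return False, "empty boundary"
    if len(boundary) > BOUNDARY_MAX_LEN:
        return False, f"boundary longer than {BOUNDARY_MAX_LEN} characters"
    if _BCHARS_RE.fullmatch(boundary) is None:
        return False, "boundary contains characters outside the RFC 2046 set"
    if boundary.endswith(" "):
        return False, "boundary must not end with a space"
    return True, "ok"


def validate_body_delimiters(body: bytes, boundary: str) -> Tuple[bool, str]:
    """Every line starting with '--boundary' must be exactly the delimiter or the
    closing delimiter '--boundary--', optionally followed by transport padding
    (spaces or tabs). Anything else appended is rejected, whatever the character."""
    delim = b"--" + boundary.encode("ascii")
    for lineno, line in enumerate(body.split(b"\r\n"), start=1):
        if not line.startswith(delim):
            continue
        tail = line[len(delim):]
        if tail.startswith(b"--"):
            tail = tail[2:]
        if tail.strip(b" \t"):
            return False, f"line {lineno}: unexpected characters appended to boundary delimiter"
    return True, "ok"


def check_upload_request(content_type: str, body: bytes) -> Tuple[bool, str]:
    """Header check first (cheap, no body parsing), then the delimiter-line check."""
    boundary = extract_boundary(content_type)
    if boundary is None:
        return False, "missing multipart boundary"
    ok, why = validate_boundary(boundary)
    if not ok:
        return False, why
    return validate_body_delimiters(body, boundary)


# Constructed sample boundary for the fixtures below, not captured traffic.
SAMPLE_BOUNDARY = "----FormBoundary7MA4YWxkTrZu0gW"


def build_body(boundary: str, appended: bytes = b"") -> bytes:
    """Hypothetical fixture: a one-part upload body. `appended` is glued onto each
    delimiter line to reproduce the malformed shape the advisory describes."""
    delim = b"--" + boundary.encode("ascii")
    return (
        delim + appended + b"\r\n"
        + b'Content-Disposition: form-data; name="file"; filename="notes.txt"\r\n'
        + b"Content-Type: text/plain\r\n\r\n"
        + b"hello\r\n"
        + delim + b"--" + appended + b"\r\n"
    )


if __name__ == "__main__":
    ct = f"multipart/form-data; boundary={SAMPLE_BOUNDARY}"
    print(check_upload_request(ct, build_body(SAMPLE_BOUNDARY)))                 # well-formed
    print(check_upload_request(f"multipart/form-data; boundary={'a' * 5000}", b""))  # oversized header
    print(check_upload_request(ct, build_body(SAMPLE_BOUNDARY, b"4444")))        # non-hyphen append
    print(check_upload_request(ct, build_body(SAMPLE_BOUNDARY, b"----")))        # hyphen append
```

The header check runs before the body is touched, which is what keeps an oversized boundary from ever reaching the multipart parser; the delimiter check then treats every appended character the same way, which is the gap the hyphen-only fix in commit 483431bb left open. Pair the rejection path with a metric or log line so the resource-usage monitoring the analysis recommends has something concrete to alert on.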

Details

CWE(s): CWE-770 (Allocation of Resources Without Limits or Throttling)

Affected Products: lollms / lollms web ui, version 13

AI Security Analysis

AI Category: APIs and Models
Risk Domain: Other ATLAS/OWASP Terms
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: parisneo/lollms-webui is a web UI platform for running and managing large language models (LOLLMS), confirmed AI-related via AI/ML bug bounty platform (huntr). The vulnerability is in the web server's file upload handling, fitting 'Other Platforms' as a deployment interface for LLMs.

CVEs Like This One

CVE-2026-33340 (same product: Lollms Lollms Web Ui)
CVE-2024-8898 (same product: Lollms Lollms Web Ui)
CVE-2024-9920 (same product: Lollms Lollms Web Ui)
CVE-2025-0315 (shared CWE-770)
CVE-2026-22045 (shared CWE-770)
CVE-2025-0635 (shared CWE-770)
CVE-2026-33756 (shared CWE-770)
CVE-2026-1456 (shared CWE-770)
CVE-2026-32049 (shared CWE-770)
CVE-2026-40116 (shared CWE-770)

References