CVE-2024-4322 - Vulnerability Details - OpenCVE

A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically within the `/list_personalities` endpoint. By manipulating the `category` parameter, an attacker can traverse the directory structure and list any directory on the system. This issue affects the latest version of the application. The vulnerability is due to improper handling of user-supplied input in the `list_personalities` function, where the `category` parameter can be controlled to specify arbitrary directories for listing. Successful exploitation of this vulnerability could allow an attacker to list all folders in the drive on the system, potentially leading to information disclosure.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00606.

Key SSVC decision points have not yet been added.

Vendors	Products
Lollms	Lollms Web Ui

Configuration 1 [-]

cpe:2.3:a:lollms:lollms_web_ui:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://huntr.com/bounties/5116d858-ce00-418c-a5a5-851c5608c209

History

Wed, 09 Jul 2025 15:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Lollms Lollms lollms Web Ui
CPEs		cpe:2.3:a:lollms:lollms_web_ui::::::::
Vendors & Products		Lollms Lollms lollms Web Ui

MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published: 2024-05-16T09:03:45.504Z

Updated: 2024-08-01T20:40:46.520Z

Reserved: 2024-04-29T18:39:36.821Z

Link: CVE-2024-4322

Vulnrichment

Updated: 2024-08-01T20:40:46.520Z

NVD

Status : Analyzed

Published: 2024-05-16T09:15:16.613

Modified: 2025-07-09T14:32:00.963

Link: CVE-2024-4322

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-4322", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2024-04-29T18:39:36.821Z", "datePublished": "2024-05-16T09:03:45.504Z", "dateUpdated": "2024-08-01T20:40:46.520Z"}, "containers": {"cna": {"title": "Path Traversal in parisneo/lollms-webui", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-05-16T09:03:45.504Z"}, "descriptions": [{"lang": "en", "value": "A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically within the `/list_personalities` endpoint. By manipulating the `category` parameter, an attacker can traverse the directory structure and list any directory on the system. This issue affects the latest version of the application. The vulnerability is due to improper handling of user-supplied input in the `list_personalities` function, where the `category` parameter can be controlled to specify arbitrary directories for listing. Successful exploitation of this vulnerability could allow an attacker to list all folders in the drive on the system, potentially leading to information disclosure."}], "affected": [{"vendor": "parisneo", "product": "parisneo/lollms-webui", "versions": [{"version": "unspecified", "status": "affected", "versionType": "custom", "lessThanOrEqual": "latest"}]}], "references": [{"url": "https://huntr.com/bounties/5116d858-ce00-418c-a5a5-851c5608c209"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-29 Path Traversal: '\\..\\filename'", "cweId": "CWE-29"}]}], "source": {"advisory": "5116d858-ce00-418c-a5a5-851c5608c209", "discovery": "EXTERNAL"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-4322", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-16T18:29:07.144965Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:55:42.204Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:40:46.520Z"}, "title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/5116d858-ce00-418c-a5a5-851c5608c209", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/5116d858-ce00-418c-a5a5-851c5608c209", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:40:46.520Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-4322", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-16T18:29:07.144965Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-03T14:25:30.422Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "Path Traversal in parisneo/lollms-webui", "source": {"advisory": "5116d858-ce00-418c-a5a5-851c5608c209", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "parisneo", "product": "parisneo/lollms-webui", "versions": [{"status": "affected", "version": "unspecified", "versionType": "custom", "lessThanOrEqual": "latest"}]}], "references": [{"url": "https://huntr.com/bounties/5116d858-ce00-418c-a5a5-851c5608c209"}], "descriptions": [{"lang": "en", "value": "A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically within the `/list_personalities` endpoint. By manipulating the `category` parameter, an attacker can traverse the directory structure and list any directory on the system. This issue affects the latest version of the application. The vulnerability is due to improper handling of user-supplied input in the `list_personalities` function, where the `category` parameter can be controlled to specify arbitrary directories for listing. Successful exploitation of this vulnerability could allow an attacker to list all folders in the drive on the system, potentially leading to information disclosure."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-29", "description": "CWE-29 Path Traversal: '\\..\\filename'"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-05-16T09:03:45.504Z"}}}, "cveMetadata": {"cveId": "CVE-2024-4322", "state": "PUBLISHED", "dateUpdated": "2024-08-01T20:40:46.520Z", "dateReserved": "2024-04-29T18:39:36.821Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2024-05-16T09:03:45.504Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:lollms:lollms_web_ui:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8698D4D-FA1A-40D5-9DD2-0804D296907C", "versionEndExcluding": "9.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically within the `/list_personalities` endpoint. By manipulating the `category` parameter, an attacker can traverse the directory structure and list any directory on the system. This issue affects the latest version of the application. The vulnerability is due to improper handling of user-supplied input in the `list_personalities` function, where the `category` parameter can be controlled to specify arbitrary directories for listing. Successful exploitation of this vulnerability could allow an attacker to list all folders in the drive on the system, potentially leading to information disclosure."}, {"lang": "es", "value": "Existe una vulnerabilidad de path traversal en la aplicaci\u00f3n parisneo/lollms-webui, espec\u00edficamente dentro del endpoint `/list_personalities`. Al manipular el par\u00e1metro \"categor\u00eda\", un atacante puede atravesar la estructura del directorio y enumerar cualquier directorio del sistema. Este problema afecta a la \u00faltima versi\u00f3n de la aplicaci\u00f3n. La vulnerabilidad se debe al manejo inadecuado de la entrada proporcionada por el usuario en la funci\u00f3n `list_personalities`, donde el par\u00e1metro `category` se puede controlar para especificar directorios arbitrarios para listar. La explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda permitir a un atacante enumerar todas las carpetas en la unidad del sistema, lo que podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n."}], "id": "CVE-2024-4322", "lastModified": "2025-07-09T14:32:00.963", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@huntr.dev", "type": "Secondary"}]}, "published": "2024-05-16T09:15:16.613", "references": [{"source": "security@huntr.dev", "tags": ["Exploit", "Third Party Advisory", "Issue Tracking", "Patch"], "url": "https://huntr.com/bounties/5116d858-ce00-418c-a5a5-851c5608c209"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "Issue Tracking", "Patch"], "url": "https://huntr.com/bounties/5116d858-ce00-418c-a5a5-851c5608c209"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-29"}], "source": "security@huntr.dev", "type": "Secondary"}]}