A path traversal vulnerability exists in the XTTS server included in the lollms package, version v9.6. This vulnerability arises from the ability to perform an unauthenticated root folder settings change. Although the read file endpoint is protected against path traversals, this protection can be bypassed by changing the root folder to '/'. This allows attackers to read arbitrary files on the system. Additionally, the output folders can be changed to write arbitrary audio files to any location on the system.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: @huntr_ai
Published: 2024-06-27T18:45:15.903Z
Updated: 2024-08-01T21:25:03.365Z
Reserved: 2024-06-17T17:39:09.676Z
Link: CVE-2024-6085
Vulnrichment
Updated: 2024-08-01T21:25:03.365Z
NVD
Status : Awaiting Analysis
Published: 2024-06-27T19:15:19.287
Modified: 2024-06-27T19:25:12.067
Link: CVE-2024-6085
Redhat
No data.