Impact
AnythingLLM, an application that contextualizes content for LLMs, has a directory traversal flaw in its document folder listing route on Windows. Prior to version 1.13.0 the route accepts encoded absolute Windows paths that resolve outside the intended documents directory. Because the shared path containment helper rejects only POSIX‑style "../" traversals and does not handle Windows‑style parent paths returned by path.relative(), an attacker can force the application to read or otherwise access files located beyond the document root. The flaw is classified as CWE‑22. It does not allow remote code execution or privilege escalation but can lead to unauthorized disclosure of arbitrary files on the host, potentially exposing sensitive data.
Affected Systems
This issue is present in the AnythingLLM product from Mintplex‑Labs, affecting all installations running a Windows operating system with a version earlier than 1.13.0. Systems that use the default document folder route for listing or retrieving documents are vulnerable. Versions 1.13.0 and later contain the fix.
Risk and Exploitability
The CVSS base score for this weakness is 4.3, reflecting moderate severity. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog, indicating a low or unproven exploitation rate to date. The likely attack vector is sending a crafted request to the document folder route that includes Windows‑style relative paths such as ".." encoded in the URL. If exploited, an attacker could read arbitrary server files within the document folder tree. Although the risk appears moderate, organizations running unpatched versions should treat it with caution and apply the available update promptly.
OpenCVE Enrichment