CVE-2024-0550

A user who is privileged already `manager` or `admin` can set their profile picture via the frontend API using a relative filepath to then user the PFP GET API to download any valid files. The attacker would have to have been granted privileged permissions to the system before executing this attack.
Configurations

No configuration.

History

21 Nov 2024, 08:46

Type Values Removed Values Added
Summary
  • (es) Un usuario que ya tiene privilegios de "administrador" o "administrador" puede configurar su imagen de perfil a través de la API de interfaz utilizando una ruta de archivo relativa para luego usar la API GET de PFP para descargar cualquier archivo válido. Al atacante se le tendrían que haber concedido permisos privilegiados en el sistema antes de ejecutar este ataque.
References () https://github.com/mintplex-labs/anything-llm/commit/e1dcd5ded010b03abd6aa32d1bf0668a48e38e17 - () https://github.com/mintplex-labs/anything-llm/commit/e1dcd5ded010b03abd6aa32d1bf0668a48e38e17 -
References () https://huntr.com/bounties/c6afeb5e-f211-4b3d-aa4b-6bad734217a6 - () https://huntr.com/bounties/c6afeb5e-f211-4b3d-aa4b-6bad734217a6 -

28 Feb 2024, 05:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-02-28 05:15

Updated : 2024-11-21 08:46


NVD link : CVE-2024-0550

Mitre link : CVE-2024-0550

CVE.ORG link : CVE-2024-0550


JSON object : View

Products Affected

No product.

CWE
CWE-23

Relative Path Traversal