CVE-2024-3121

A remote code execution vulnerability exists in the create_conda_env function of the parisneo/lollms repository, version 5.9.0. The vulnerability arises from the use of shell=True in the subprocess.Popen function, which allows an attacker to inject arbitrary commands by manipulating the env_name and python_version parameters. This issue could lead to a serious security breach as demonstrated by the ability to execute the 'whoami' command among potentially other harmful commands.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:lollms:lollms:5.9.0:*:*:*:*:*:*:*

History

21 Nov 2024, 09:28

Type Values Removed Values Added
References () https://huntr.com/bounties/db57c343-9b80-4c1c-9ab0-9eef92c9b27b - Exploit, Third Party Advisory () https://huntr.com/bounties/db57c343-9b80-4c1c-9ab0-9eef92c9b27b - Exploit, Third Party Advisory

13 Sep 2024, 15:44

Type Values Removed Values Added
CPE cpe:2.3:a:lollms:lollms:5.9.0:*:*:*:*:*:*:*
CWE CWE-78
CVSS v2 : unknown
v3 : 6.8
v2 : unknown
v3 : 3.3
First Time Lollms lollms
Lollms
References () https://huntr.com/bounties/db57c343-9b80-4c1c-9ab0-9eef92c9b27b - () https://huntr.com/bounties/db57c343-9b80-4c1c-9ab0-9eef92c9b27b - Exploit, Third Party Advisory

24 Jun 2024, 12:57

Type Values Removed Values Added
Summary
  • (es) Existe una vulnerabilidad de ejecución remota de código en la función create_conda_env del repositorio parisneo/lollms, versión 5.9.0. La vulnerabilidad surge del uso de shell=True en la función subprocess.Popen, que permite a un atacante inyectar comandos arbitrarios manipulando los parámetros env_name y python_version. Este problema podría provocar una grave violación de la seguridad, como lo demuestra la capacidad de ejecutar el comando "whoami" entre otros comandos potencialmente dañinos.

24 Jun 2024, 00:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-24 00:15

Updated : 2024-11-21 09:28


NVD link : CVE-2024-3121

Mitre link : CVE-2024-3121

CVE.ORG link : CVE-2024-3121


JSON object : View

Products Affected

lollms

  • lollms
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')