CVE-2024-11167
📋 TL;DR
An improper access control vulnerability in LibreChat allows authenticated users to delete other users' prompts by manipulating the groupid parameter. This occurs because the endpoint fails to verify prompt ownership before deletion. All LibreChat instances running versions before 0.7.6 with authenticated users are affected.
💻 Affected Systems
- LibreChat
📦 What is this software?
LibreChat by LibreChat, an open-source, self-hosted AI chat web application.
⚠️ Risk & Real-World Impact
Worst Case
Malicious authenticated users could systematically delete all prompts in the system, causing data loss and disrupting legitimate users' workflows.
Likely Case
Authenticated users accidentally or intentionally delete prompts belonging to other users, leading to data loss and potential operational disruption.
If Mitigated
With proper access controls, users can only delete their own prompts, maintaining data integrity and user isolation.
🎯 Exploit Status
Exploitation requires authenticated access but is trivial once authenticated; involves simple parameter manipulation.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 0.7.6
Vendor Advisory: https://github.com/danny-avila/librechat/commit/5071bdbf9ac621165f0e8d009818851f3951eee7
Restart Required: Yes
Instructions:
1. Update LibreChat to version 0.7.6 or later.
2. Restart the LibreChat service.
3. Verify the fix by testing prompt deletion functionality.
🔧 Temporary Workarounds
Disable prompt deletion endpoint
Temporarily disable or restrict access to the vulnerable prompt deletion endpoint until patching is complete.
# Configure web server/application firewall to block DELETE requests to /api/prompts/*
🧯 If You Can't Patch
- Implement strict access controls at the network/application layer to limit who can access prompt management endpoints.
- Enable detailed logging of all prompt deletion attempts and monitor for unauthorized activity.
🔍 How to Verify
Check if Vulnerable:
Check whether the LibreChat version is below 0.7.6; test whether an authenticated user can delete another user's prompt by manipulating the groupid parameter.
Check Version:
Check package.json or application configuration for version number; or run: npm list librechat (if installed via npm)
Verify Fix Applied:
After updating to 0.7.6+, verify that authenticated users can only delete their own prompts and attempts to delete others' prompts fail with proper authorization errors.
📡 Detection & Monitoring
Log Indicators:
- Multiple DELETE requests to the /api/prompts/ endpoint from the same user with different groupid values
- Failed authorization attempts for prompt deletion
Network Indicators:
- Unusual pattern of DELETE requests to prompt endpoints
- Requests with manipulated groupid parameters
SIEM Query:
source="librechat" AND (uri_path="/api/prompts/*" AND http_method="DELETE") | stats count by user, groupid
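The two log indicators above, turned into a small offline detector. This is an added example, not LibreChat's own code or the vendor's tooling; it assumes a simple `key=value` access-log format with the groupid carried as a query parameter, and the sample lines are constructed, not taken from a real deployment.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse, parse_qs

# Constructed sample log lines (assumed format; not from a real LibreChat instance).
SAMPLE_LOGS = """\
user=alice method=DELETE path=/api/prompts/p1?groupid=g1 status=200
user=alice method=DELETE path=/api/prompts/p2?groupid=g2 status=200
user=alice method=DELETE path=/api/prompts/p3?groupid=g3 status=200
user=bob method=DELETE path=/api/prompts/p9?groupid=g9 status=200
user=carol method=DELETE path=/api/prompts/p4?groupid=g7 status=403
user=carol method=DELETE path=/api/prompts/p5?groupid=g8 status=403
user=dave method=GET path=/api/prompts/p1 status=200
"""

LINE_RE = re.compile(r"user=(\S+) method=(\S+) path=(\S+) status=(\d+)")

def parse_line(line):
    """Parse one assumed-format log line into a dict, or None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    user, method, path, status = m.groups()
    parsed = urlparse(path)
    groupid = parse_qs(parsed.query).get("groupid", [None])[0]
    return {"user": user, "method": method, "path": parsed.path,
            "groupid": groupid, "status": int(status)}

def find_suspicious(log_text, distinct_threshold=3, denied_threshold=2):
    """Per user, count distinct groupid values on DELETE /api/prompts/ requests
    and count authorization failures (401/403); return {user: [reasons]}."""
    groups = defaultdict(set)
    denied = defaultdict(int)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or rec["method"] != "DELETE" or not rec["path"].startswith("/api/prompts/"):
            continue
        if rec["groupid"]:
            groups[rec["user"]].add(rec["groupid"])
        if rec["status"] in (401, 403):
            denied[rec["user"]] += 1
    findings = {}
    for user in set(groups) | set(denied):
        reasons = []
        if len(groups[user]) >= distinct_threshold:
            reasons.append(f"{len(groups[user])} distinct groupid values on DELETE")
        if denied[user] >= denied_threshold:
            reasons.append(f"{denied[user]} denied prompt deletions")
        if reasons:
            findings[user] = reasons
    return findings
```

The thresholds are starting points; tune them against normal deletion volume in your deployment before alerting on them.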