CVE-2024-6085
📋 TL;DR
An unauthenticated path traversal vulnerability in lollms v9.6's XTTS server allows attackers to read arbitrary files and write audio files anywhere on the system by changing the root folder to '/'. This affects anyone running the vulnerable lollms package with the XTTS server enabled.
💻 Affected Systems
- lollms
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise via reading sensitive files (passwords, SSH keys, configuration files) and planting malicious executables or backdoors in arbitrary locations.
Likely Case
Data exfiltration of sensitive information and potential privilege escalation by writing to critical system directories.
If Mitigated
Limited impact if server runs in isolated container with minimal privileges and restricted network access.
🎯 Exploit Status
Simple HTTP requests to change root folder settings bypass existing path traversal protections. Public exploit details available on huntr.com.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v9.7 or later
Vendor Advisory: https://huntr.com/bounties/d2fb73d7-4b4f-451a-8763-484c189a27fe
Restart Required: Yes
Instructions:
1. Update lollms to version v9.7 or newer.
2. Restart the XTTS server.
3. Verify the patch by testing the vulnerable endpoints.
🔧 Temporary Workarounds
Disable XTTS Server
Linux: stop and disable the vulnerable XTTS server component
systemctl stop lollms-xtts
systemctl disable lollms-xtts
Network Isolation
Linux: restrict network access to the XTTS server port
iptables -A INPUT -p tcp --dport [XTTS_PORT] -j DROP
🧯 If You Can't Patch
- Run XTTS server in a container with read-only root filesystem and minimal privileges
- Implement strict network ACLs to limit access to trusted IPs only
🔍 How to Verify
Check if Vulnerable:
Test if unauthenticated POST request to /set_root_folder endpoint with payload {"root_folder": "/"} succeeds and allows file read operations outside intended directory.
Check Version:
python -c "import lollms; print(lollms.__version__)"
or check the package metadata
Verify Fix Applied:
After patching, the same request should be rejected or properly sanitized to prevent root folder change to '/'.
📡 Detection & Monitoring
Log Indicators:
- HTTP POST requests to /set_root_folder endpoint
- File read operations from unexpected paths
- Audio file writes to non-standard locations
Network Indicators:
- Unusual file read patterns from XTTS server
- Outbound data exfiltration following configuration changes
SIEM Query:
source="*lollms*" AND (uri_path="/set_root_folder" OR (event="file_read" AND file_path CONTAINS "/../"))
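As an added example (not part of this advisory or of the lollms project), the log indicators above applied to a few constructed log lines in Python; the combined access-log format, the `file_read path=` application-log line and the `/srv/lollms/audio` base directory are assumptions. It also covers two cases a literal `/../` match misses: a percent-encoded `..%2F` in the URI, and reads of absolute paths once the root folder has already been changed to `/`.

```python
import os
import re
from urllib.parse import unquote

# Assumed intended root folder of the XTTS server; adjust to the deployment.
EXPECTED_BASE = "/srv/lollms/audio"
ROOT_FOLDER_ENDPOINT = "/set_root_folder"

# Combined-format access-log line: client, timestamp, method, path, status.
ACCESS_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
# Constructed application-log line for file reads: 'file_read path=<p>'.
FILE_RE = re.compile(r"^file_read path=(?P<path>\S+)$")
# A ".." path segment, matched after percent-decoding so "..%2F" is caught too.
TRAVERSAL_RE = re.compile(r"(?:^|/)\.\.(?:/|$)")

def escapes_base(path: str, base: str = EXPECTED_BASE) -> bool:
    """True when the normalised path does not stay under base. Once root_folder
    is "/", a read of /etc/hostname contains no ".." at all, so a literal
    "/../" match (as in the SIEM query) would miss it."""
    return os.path.commonpath([os.path.normpath(path), base]) != base

def classify(line: str):
    """Return an indicator name for one log line, or None if it is benign."""
    m = ACCESS_RE.match(line)
    if m:
        if m["path"].split("?", 1)[0] == ROOT_FOLDER_ENDPOINT:
            return "root_folder_change"
        if TRAVERSAL_RE.search(unquote(m["path"])):
            return "traversal_in_uri"
        return None
    fm = FILE_RE.match(line)
    if fm and escapes_base(fm["path"]):
        return "file_read_outside_base"
    return None

def scan(lines):
    """Run classify() over log lines; return (indicator, line) pairs for hits."""
    return [(tag, ln.strip()) for ln in lines if (tag := classify(ln.strip()))]

# Constructed sample log (not real traffic): hosts, times and paths are made up.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Jun/2024:10:01:02 +0000] "POST /set_root_folder HTTP/1.1" 200 17
10.0.0.5 - - [12/Jun/2024:10:01:05 +0000] "GET /audio/..%2F..%2Fetc/passwd HTTP/1.1" 200 2301
file_read path=/srv/lollms/audio/../../etc/shadow
file_read path=/etc/hostname
file_read path=/srv/lollms/audio/output.wav
"""
```

Running `scan(SAMPLE_LOG.splitlines())` flags the first four lines and leaves the in-base `output.wav` read alone.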