CVE-2024-7783
📋 TL;DR
In anything-llm's single user mode, the JWT bearer token issued after login carries the user's password as a plaintext claim. A JWT is signed, not encrypted, so anyone who obtains the token (from a proxy or application log, from client-side storage, or from a network capture) can base64url-decode the payload and read the password without knowing the signing secret. Every instance running a vulnerable version in single user mode is affected.
💻 Affected Systems
- mintplex-labs/anything-llm
📦 What is this software?
AnythingLLM by Mintplex Labs (repository mintplex-labs/anything-llm), a self-hosted application for chatting with documents through LLMs.
⚠️ Risk & Real-World Impact
Worst Case
Complete account takeover of the anything-llm instance, unauthorized access to the documents and workspaces it holds, potential data exfiltration, and lateral movement if the exposed password is reused on other systems.
Likely Case
Credential theft giving the attacker the same access as the single user, which in single user mode is effectively administrative access to the instance.
If Mitigated
Limited only if tokens are never exposed: keeping the instance off untrusted networks, serving it over TLS, and keeping Authorization headers out of logs reduce the chance a token is captured. Short token lifetimes help less than usual here, because a password recovered from an expired token remains valid until it is changed.
🎯 Exploit Status
No exploit code is needed. An attacker who obtains a token (network interception, client-side attacks such as XSS, or exposure in proxy or application logs) pastes it into any JWT decoder, or base64url-decodes the middle segment, and reads the password. The signing secret is not required, because reading a JWT's claims does not involve verifying it.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.0.3
Vendor Advisory: https://github.com/mintplex-labs/anything-llm/commit/4430ddb05988470bc8f0479e7d07db1f7d4646ba
Restart Required: Yes
Instructions:
1. Back up your anything-llm data.
2. Update to version 1.0.3 or later via package manager, container image, or manual installation.
3. Restart the anything-llm service.
4. Invalidate existing sessions so that tokens issued by the vulnerable version are no longer usable.
5. Change the single user password: any token issued before the upgrade that was logged, cached, or captured contains the old password in plaintext.
🔧 Temporary Workarounds
Disable Single User Mode
Switch to multi-user mode, whose authentication flow does not place the password in the JWT.
Edit configuration to enable multi-user authentication
Keep Tokens Off the Wire and Out of Logs
A reverse proxy cannot strip a claim from a signed JWT without invalidating the signature, so "sanitizing" tokens in transit is not a workable workaround. What a proxy can do is reduce the chance a token is captured at all.
Configure the reverse proxy in front of anything-llm to terminate TLS, restrict access to known source addresses, and omit Authorization headers from its access logs
🧯 If You Can't Patch
- Implement network segmentation to restrict access to anything-llm instances to the hosts that need it
- Enable logging and monitoring of authentication events and token use; log the fact that a token was used, never the token value itself, since the value contains the password
🔍 How to Verify
Check if Vulnerable:
You are vulnerable if you run a version earlier than 1.0.3 in single user mode. To confirm, log in, copy the bearer token the client sends in the Authorization header, decode its payload segment, and look for a claim whose value is your password.
Check Version:
Check package.json or application version endpoint for version number
Verify Fix Applied:
After updating to 1.0.3, log in again to obtain a new token and decode its payload; it must not contain the password. Treat any token issued before the upgrade as compromised.
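The decoding check described above, as an added example that is not anything-llm's own code and was not part of this advisory. It assumes only that you can copy the bearer token the client sends and that you know the password you logged in with. The sample tokens, the claim name "p", and the placeholder signature segment are constructed for the demo and do not reflect the project's actual token layout, which is why the check compares claim values against the password instead of looking for a named field.

```javascript
// Added example for this advisory, not anything-llm's own code.
// Decodes a JWT's payload without verifying it and checks whether the
// operator's password appears among the claims. Uses only Node's Buffer.

function b64urlEncode(str) {
  return Buffer.from(str, "utf8").toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}

// Decode the middle (payload) segment only. No key is needed: a JWT is
// signed, not encrypted, so the claims are readable by anyone holding it.
function decodePayload(token) {
  const parts = token.split(".");
  if (parts.length !== 3) {
    throw new Error("not a compact JWT (expected header.payload.signature)");
  }
  // Node's "base64" decoder accepts the base64url alphabet and missing padding.
  const json = Buffer.from(parts[1], "base64").toString("utf8");
  return JSON.parse(json);
}

// Recursively collect the dotted paths of every claim whose value equals the password.
function findPasswordClaims(payload, password, path = "") {
  const hits = [];
  for (const [key, value] of Object.entries(payload)) {
    const here = path ? `${path}.${key}` : key;
    if (typeof value === "string" && value === password) {
      hits.push(here);
    } else if (value !== null && typeof value === "object") {
      hits.push(...findPasswordClaims(value, password, here));
    }
  }
  return hits;
}

function tokenLeaksPassword(token, password) {
  return findPasswordClaims(decodePayload(token), password).length > 0;
}

// Constructed sample tokens for the demo. The claim name "p" and the
// signature segment are placeholders; the check never looks at the signature.
function makeUnsignedDemoToken(payload) {
  const header = b64urlEncode(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  return `${header}.${b64urlEncode(JSON.stringify(payload))}.placeholder-signature`;
}

const DEMO_PASSWORD = "correct horse battery staple";
const LEAKY_TOKEN = makeUnsignedDemoToken({ p: DEMO_PASSWORD, iat: 1720000000 });
const SAFE_TOKEN = makeUnsignedDemoToken({ id: 1, iat: 1720000000 });

console.log("vulnerable-style token leaks password at:",
  findPasswordClaims(decodePayload(LEAKY_TOKEN), DEMO_PASSWORD)); // ["p"]
console.log("patched-style token leaks password:",
  tokenLeaksPassword(SAFE_TOKEN, DEMO_PASSWORD)); // false
```

To check a real instance, replace LEAKY_TOKEN with the token copied from your browser's Authorization header and DEMO_PASSWORD with your password; a non-empty list of claim paths means the token exposes the password, and an empty list after upgrading to 1.0.3 confirms the fix.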
📡 Detection & Monitoring
Log Indicators:
- A successful login for the single user from a source address, user agent, or location not seen before; the attacker holds the real password, so a burst of failures is not required and its absence is not reassuring
- Repeated logins for the single user in a short window, which would indicate tokens being generated more often than the legitimate user would
Network Indicators:
- The same bearer token presented from more than one source IP
- Authorization headers appearing in reverse proxy, load balancer, or application logs; this is a leak channel rather than an attack, but any token written there exposes the password
SIEM Query:
source="anything-llm" AND (event="authentication_failure" OR event="login_success") | stats count by src_ip, user, event
(Field and event names are placeholders; adjust them to how your pipeline parses anything-llm logs, and never index the token value itself.)