CVE-2024-9920
📋 TL;DR
This vulnerability allows attackers to upload malicious files with dangerous extensions (.py, .sh, .bat, etc.) and execute them via the '/open_file' API endpoint, leading to remote code execution. It affects users of parisneo/lollms-webui version v12 who have the 'Send file to AL' function enabled. The vulnerability stems from improper validation before using subprocess.Popen to open files.
💻 Affected Systems
- parisneo/lollms-webui
⚠️ Risk & Real-World Impact
Worst Case
Full system compromise with attacker gaining remote code execution, potentially leading to data theft, ransomware deployment, or complete system takeover.
Likely Case
Attackers upload malicious scripts and execute them to establish persistence, steal credentials, or deploy malware on the vulnerable system.
If Mitigated
With proper file validation and access controls, the impact is limited to unauthorized file uploads without execution capability.
🎯 Exploit Status
Exploitation requires access to the vulnerable function and knowledge of the API endpoint. No public exploit code is currently available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Versions after v12
Vendor Advisory: https://huntr.com/bounties/c70c6732-23b3-4ef8-aec6-0a47467d1ed5
Restart Required: No
Instructions:
1. Update lollms-webui to the latest version.
2. Verify the fix by checking that file upload validation has been implemented.
3. Review and test the 'Send file to AL' functionality.
🔧 Temporary Workarounds
Disable file upload functionality
Temporarily disable the 'Send file to AL' function until patching is complete.
Modify configuration to remove or disable the file upload feature
Implement file extension filtering
Add server-side validation to block dangerous file extensions (.py, .sh, .bat, .exe, etc.).
Implement file extension whitelisting in the upload handler
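The following is an added example of the allowlist-style upload validation described above; it is not code from lollms-webui or from the advisory. Names such as UPLOAD_ROOT, validate_upload_name and the allowed/dangerous extension sets are assumptions chosen for illustration. It checks every suffix of the client-supplied name (so 'notes.txt.py' and 'run.py.txt' are both refused), compares case-insensitively, strips any directory components, confines the stored file to the upload directory, and reads the file's bytes rather than handing its path to subprocess.Popen.

```python
# Added example (not lollms-webui's own code). UPLOAD_ROOT, the extension
# sets and the function names are hypothetical.
from pathlib import Path, PurePosixPath

# Extensions the advisory names as dangerous; always refused.
DANGEROUS_EXTENSIONS = {".py", ".sh", ".bat", ".exe"}

# Allowlist: only these are ever accepted. Assumption: the feature needs
# plain documents, never executables or scripts.
ALLOWED_EXTENSIONS = {".txt", ".md", ".pdf", ".json", ".csv"}

UPLOAD_ROOT = Path("/var/lib/lollms/uploads")  # hypothetical upload directory


class UploadRejected(ValueError):
    """Raised when a client-supplied filename fails validation."""


def validate_upload_name(client_filename: str) -> str:
    """Return a safe basename for the upload or raise UploadRejected.

    Order of checks: drop directory components the client supplied, refuse
    empty or hidden names, inspect every suffix (not just the last one),
    refuse anything on the dangerous list, then require the final extension
    to be on the allowlist.
    """
    # Clients may send 'C:\\x\\evil.py' or '../evil.py'; keep the last component only.
    name = PurePosixPath(client_filename.replace("\\", "/")).name
    if not name or name.startswith("."):
        raise UploadRejected("empty or hidden filename")

    suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
    if not suffixes:
        raise UploadRejected("file has no extension")
    if any(s in DANGEROUS_EXTENSIONS for s in suffixes):
        raise UploadRejected(f"dangerous extension in {name!r}")
    if suffixes[-1] not in ALLOWED_EXTENSIONS:
        raise UploadRejected(f"extension {suffixes[-1]!r} not allowed")
    return name


def is_safe_upload_name(client_filename: str) -> bool:
    """Boolean form of validate_upload_name, convenient for request handlers."""
    try:
        validate_upload_name(client_filename)
        return True
    except UploadRejected:
        return False


def resolve_upload_path(client_filename: str, root: Path = UPLOAD_ROOT) -> Path:
    """Map a validated name to a path guaranteed to live under root."""
    safe_name = validate_upload_name(client_filename)
    target = (root / safe_name).resolve()
    if root.resolve() not in target.parents:
        raise UploadRejected("path escapes the upload directory")
    return target


def open_uploaded_file(client_filename: str, root: Path = UPLOAD_ROOT) -> bytes:
    """Return the upload's contents; never pass the path to subprocess.Popen."""
    return resolve_upload_path(client_filename, root).read_bytes()
```

The allowlist is the load-bearing check: a blocklist alone misses extensions the author did not think of, so DANGEROUS_EXTENSIONS here only serves as a second line of defence should the allowlist ever be widened carelessly.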
🧯 If You Can't Patch
- Implement strict network segmentation to isolate the vulnerable system
- Deploy application-level firewall rules to block access to the '/open_file' endpoint
🔍 How to Verify
Check if Vulnerable:
Check if running lollms-webui version v12 and test if dangerous file extensions can be uploaded via the 'Send file to AL' function.
Check Version:
Check the lollms-webui version in the application interface or configuration files.
Verify Fix Applied:
After updating, attempt to upload files with dangerous extensions and verify they are rejected or properly sanitized.
📡 Detection & Monitoring
Log Indicators:
- Unusual file uploads with dangerous extensions
- API calls to '/open_file' endpoint with suspicious parameters
- Subprocess execution logs showing unexpected commands
Network Indicators:
- HTTP POST requests to upload endpoints with dangerous file types
- Outbound connections from the lollms-webui server to suspicious destinations
SIEM Query:
source="lollms-webui" AND ((event="file_upload" AND file_extension IN ("py", "sh", "bat", "exe")) OR endpoint="/open_file")
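As an added example, not part of the advisory and not lollms-webui code, the following applies the log indicators and SIEM query above to a few constructed log lines. The JSON log shape, field names (source, event, client, filename, endpoint, argv) and the sample records are assumptions; real lollms-webui logs may differ. It flags uploads carrying a dangerous extension anywhere in the name, calls to the '/open_file' endpoint, and subprocess launches whose arguments reference such a file, then escalates any client seen doing both an upload and an '/open_file' call.

```python
# Added example (not lollms-webui's own code). Log format and field names
# are assumptions; SAMPLE_LOGS is constructed for illustration.
import json
from collections import defaultdict
from typing import Optional

DANGEROUS_EXTENSIONS = {"py", "sh", "bat", "exe"}
WATCHED_ENDPOINT = "/open_file"

# Constructed sample lines (not real logs).
SAMPLE_LOGS = [
    '{"source": "lollms-webui", "event": "file_upload", "client": "10.0.0.5", "filename": "report.pdf"}',
    '{"source": "lollms-webui", "event": "file_upload", "client": "10.0.0.9", "filename": "notes.txt.py"}',
    '{"source": "lollms-webui", "event": "http_request", "client": "10.0.0.9", "endpoint": "/open_file", "path": "uploads/notes.txt.py"}',
    '{"source": "nginx", "event": "http_request", "client": "10.0.0.9", "endpoint": "/open_file"}',
    '{"source": "lollms-webui", "event": "subprocess", "client": "10.0.0.9", "argv": ["python", "uploads/notes.txt.py"]}',
    "not json at all",
]


def dangerous_extensions(name: str) -> set:
    """Every dotted suffix of the basename that is on the dangerous list."""
    parts = name.rsplit("/", 1)[-1].lower().split(".")[1:]
    return {p for p in parts if p in DANGEROUS_EXTENSIONS}


def classify(record: dict) -> Optional[str]:
    """Return an indicator name for a parsed record, or None if it is benign."""
    if record.get("source") != "lollms-webui":
        return None  # the query scopes to the application's own source
    event = record.get("event")
    if event == "file_upload" and dangerous_extensions(record.get("filename", "")):
        return "dangerous_upload"
    if record.get("endpoint") == WATCHED_ENDPOINT:
        return "open_file_call"
    if event == "subprocess" and any(dangerous_extensions(a) for a in record.get("argv", [])):
        return "subprocess_on_script"
    return None


def scan(lines) -> list:
    """Parse JSON log lines and return one alert dict per matching record."""
    alerts = []
    for lineno, line in enumerate(lines, 1):
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue  # unparseable line; a real pipeline would count these
        kind = classify(record)
        if kind is not None:
            alerts.append({"line": lineno, "kind": kind, "client": record.get("client", "?")})
    return alerts


def escalate(alerts) -> dict:
    """Severity per client: 'high' when an upload and an /open_file call co-occur."""
    kinds_by_client = defaultdict(set)
    for alert in alerts:
        kinds_by_client[alert["client"]].add(alert["kind"])
    return {
        client: "high" if {"dangerous_upload", "open_file_call"} <= kinds else "medium"
        for client, kinds in kinds_by_client.items()
    }


if __name__ == "__main__":
    found = scan(SAMPLE_LOGS)
    for alert in found:
        print(alert)
    print(escalate(found))
```

The per-client escalation is what turns two individually noisy indicators into a confident signal: an upload with a scripting extension followed by an '/open_file' request from the same client is the exact sequence the advisory describes.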