Path Traversal: '\..\filename'

CVE-2024-6139

High

7.3/10

Summary

A Path Traversal vulnerability exists in the XTTS server of the lollms package. This vulnerability allows an attacker to write audio files to arbitrary locations on the system and enumerate file paths. The issue arises from improper validation of user-provided file paths in the `tts_to_file` endpoint.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: LOW

CWE-29 - Path Traversal: '\..\filename'

The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\..\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory.

References

Advisory
Disclosure

Advisory Timeline

Published Jun 27, 2024

Path Traversal: '\..\filename'

CVE-2024-6139

Summary

CWE-29 - Path Traversal: '\..\filename'

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS