A path traversal vulnerability exists in the XTTS server included in the lollms package, version 9.6. It arises because the server's root folder setting can be changed without authentication. The read file endpoint is itself protected against path traversal, but that protection only confines requests to the configured root folder, so an attacker who first sets the root folder to '/' can bypass it and read arbitrary files on the system. The output folder settings can likewise be changed to point anywhere, allowing an attacker to write arbitrary audio files to any location on the filesystem.
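The pattern described above, as an added illustration that is not the lollms/XTTS code: a read endpoint whose traversal check is correct in isolation, but which compares against a root directory that an unauthenticated settings call may move. The class and endpoint names below are hypothetical, the directory tree and file contents are constructed in a temporary directory for the demonstration, and the hardened variant shows the two properties a fix needs: the settings change must be authenticated, and the new root (and by the same logic any output folder) must itself be confined to a base directory fixed at startup.

```python
"""Model of the CVE-2024-6085 pattern: a per-request traversal check that is
only as strong as a root folder any caller may reset.
Hypothetical code, not the lollms/XTTS implementation."""
import tempfile
from pathlib import Path


def _is_within(root: Path, target: Path) -> bool:
    """True if target (already resolved) is root itself or lies below it."""
    return target == root or root in target.parents


class _FileServer:
    """Shared read endpoint: resolve the name under the current root and
    refuse anything that escapes it. This check is correct on its own."""

    def __init__(self, root) -> None:
        self.root = Path(root).resolve()

    def read_file(self, name: str) -> bytes:
        target = (self.root / name).resolve()
        if not _is_within(self.root, target):
            raise PermissionError(f"traversal blocked: {name}")
        return target.read_bytes()


class VulnerableServer(_FileServer):
    """Settings endpoint with no authentication and no restriction on the
    value. Once root is '/', every absolute path passes the read check."""

    def set_root(self, new_root: str) -> None:
        self.root = Path(new_root).resolve()


class HardenedServer(_FileServer):
    """Settings change requires an authenticated caller, and the new root
    must stay inside a base directory chosen when the server starts."""

    def __init__(self, root, base) -> None:
        super().__init__(root)
        self.base = Path(base).resolve()
        if not _is_within(self.base, self.root):
            raise ValueError("initial root lies outside the base directory")

    def set_root(self, new_root: str, authenticated: bool = False) -> None:
        if not authenticated:
            raise PermissionError("settings change requires authentication")
        candidate = Path(new_root).resolve()
        if not _is_within(self.base, candidate):
            raise PermissionError(f"root must stay under {self.base}")
        self.root = candidate


def run_demo() -> dict:
    """Builds a constructed directory tree and records what each server lets
    an attacker read. Returns the outcomes so they can be checked."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / "xtts"
        outputs = base / "outputs"
        outputs.mkdir(parents=True)
        (outputs / "clip.wav").write_bytes(b"RIFF-constructed-audio")
        secret = Path(tmp) / "secret.txt"  # outside the served tree
        secret.write_bytes(b"api-key=constructed")

        v = VulnerableServer(outputs)
        results["normal_read"] = v.read_file("clip.wav")
        try:
            v.read_file("../../secret.txt")  # plain '..' traversal
            results["traversal_blocked"] = False
        except PermissionError:
            results["traversal_blocked"] = True

        # The bypass: move the root to '/', then name the secret by its
        # absolute path expressed relative to the new root.
        v.set_root("/")
        results["after_root_change"] = v.read_file(
            str(secret.resolve()).lstrip("/"))

        h = HardenedServer(outputs, base)
        try:
            h.set_root("/")  # unauthenticated caller
            results["hardened_unauth"] = "allowed"
        except PermissionError:
            results["hardened_unauth"] = "refused"
        try:
            h.set_root("/", authenticated=True)  # authenticated, outside base
            results["hardened_outside_base"] = "allowed"
        except PermissionError:
            results["hardened_outside_base"] = "refused"
        h.set_root(str(base), authenticated=True)  # legitimate change
        results["hardened_legit_root"] = h.root == base.resolve()
    return results


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value!r}")
```

The point of the demo is that `read_file` never changes between the two servers: the traversal check is sound, and the bug is entirely in who may change the root and to what. Any review of a fix should therefore look at the settings handler, not the read handler.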
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: @huntr_ai
Published: 2024-06-27T18:45:15.903Z
Updated: 2024-07-09T19:16:52.617Z
Reserved: 2024-06-17T17:39:09.676Z
Link: CVE-2024-6085
NVD Information
Status : Awaiting Analysis
Published: 2024-06-27T19:15:19.287
Modified: 2024-06-27T19:25:12.067
Link: CVE-2024-6085
Redhat Information
No data.
CWE