CVE-2024-5211 | mintplex-labs anything-llm up to 0.x anythingllm.db normalizePath path traversal

Inserito da Angelo Barbosa | Giu 12, 2024 | CVE

A vulnerability was found in mintplex-labs anything-llm up to 0.x. It has been declared as critical. Affected by this vulnerability is the function normalizePath of the file anythingllm.db. The manipulation leads to path traversal: ‘..filename’.

This vulnerability is known as CVE-2024-5211. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-5211 | mintplex-labs anything-llm up to 0.x anythingllm.db normalizePath path traversal

Post correlati

CVE-2024-22768 | Hitron DVR HVR-4781 up to 4.02 default credentials

CVE-2024-42776 | Kashipara Hotel Management System 1.0 /admin/users.php access control

CVE-2023-6653 | PHPGurukul Teacher Subject Allocation Management System 1.0 Create a new Subject /admin/subject.php cid cross-site request forgery

CVE-2024-23855 | Cups Easy 1.0 URL taxcodemodify.php cross site scripting