Skip to content

Instantly share code, notes, and snippets.

@jxfzzzt
Created November 22, 2024 16:13
Show Gist options
  • Save jxfzzzt/276a6e8cfbc54d2c2711bb51d8d3dff3 to your computer and use it in GitHub Desktop.
Save jxfzzzt/276a6e8cfbc54d2c2711bb51d8d3dff3 to your computer and use it in GitHub Desktop.
CVE-2024-52787
[CVE ID]
CVE-2024-52787
[PRODUCT]
libre-chat
[VERSION]
libre-chat v0.0.6
[PROBLEM TYPE]
Path Traversal
[REFERENCES]
https://github.com/vemonet/libre-chat/pull/9
https://github.com/vemonet/libre-chat/issues/10
https://github.com/vemonet/libre-chat/commit/dbb8e3400e5258112179783d74c9cc54310cb72b
[DESCRIPTION]
A path traversal vulnerability exists in the upload_documents method of libre-chat versions <= v0.0.6, specifically in the src/libre_chat/router.py file. This vulnerability allows an attacker to manipulate the filename of an uploaded file. By supplying a specially crafted filename (e.g., /../../test.txt), an attacker can perform a path traversal attack, leading to arbitrary file writes on the server. In severe cases, this may result in the modification or disclosure of critical system files, such as /etc/passwd, when crafted filenames like /../../etc/passwd are used. The root cause of this vulnerability is the application's failure to adequately sanitize or validate filenames for uploaded files, enabling attackers to traverse directories and overwrite files outside the intended upload directory.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment