Path Traversal in parisneo/lollms

The parisneo/lollms application, an all-in-one AI solution, is affected by a path traversal vulnerability in versions 5.9.0 through 9.4.0. The root cause is improper sanitization of file paths when handling backslashes (\) on Windows systems [1]. Although the application's description states the vulnerability exists in version 9.4.0 and is fixed in version 5.9.0, the advisory clarifies that versions between 5.9.0 and 9.4.0 are impacted. The flaw manifests in the /user_infos endpoint, where file paths containing backslashes are not adequately validated, allowing directory traversal sequences to escape the intended directory [1].

Exploitation requires no authentication and can be performed over the network by sending a specially crafted request to the vulnerable endpoint. An attacker can supply a path such as \windows\win.ini to traverse outside the application's sandboxed folder and access arbitrary files on the Windows filesystem [1]. This low-complexity attack does not require any special privileges or user interaction, making it trivially exploitable [1].

The impact of successful exploitation includes unauthorized reading of sensitive files, such as environment variables, database files, and configuration files [1]. These could expose credentials, secrets, or other system details that may lead to further compromise of the host system. In some configurations, the same traversal might also allow deletion of files, though the primary risk is information disclosure [1].

A fix was released in version 5.9.0 of the software, which addresses the path traversal by properly sanitizing file paths on Windows [1]. Users running any version between 5.9.0 and 9.4.0 should upgrade to the patched version immediately. The official GitHub repository provides the latest release [2].