CVE-2024-0550

CVSS V2 None CVSS V3 None

Description

A user who is privileged already `manager` or `admin` can set their profile picture via the frontend API using a relative filepath to then user the PFP GET API to download any valid files. The attacker would have to have been granted privileged permissions to the system before executing this attack.

Overview

CVE ID
CVE-2024-0550

Assigner
@huntr_ai

Vulnerability Status
PUBLISHED

Published Version
2024-02-28T04:52:21.831Z

Last Modified Date
2024-02-28T04:52:21.831Z

Weakness Enumerations

CWE	URL
CWE-23	http://cwe.mitre.org/data/definitions/23.html

References

Reference URL	Reference Tags
https://huntr.com/bounties/c6afeb5e-f211-4b3d-aa4b-6bad734217a6
https://github.com/mintplex-labs/anything-llm/commit/e1dcd5ded010b03abd6aa32d1bf0668a48e38e17

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-0550
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0550

History

Created	Old Value	New Value	Data Type	Notes
2024-06-26 10:31:17				Added to TrackCVE