mintplex-labs/anything-llm is vulnerable to improper...
High severity
Unreviewed
Published
Apr 16, 2024
to the GitHub Advisory Database
Description
Published by the National Vulnerability Database
Apr 16, 2024
Published to the GitHub Advisory Database
Apr 16, 2024
mintplex-labs/anything-llm is vulnerable to improper input validation, allowing attackers to read and delete arbitrary files on the server. By manipulating the 'logo_filename' parameter in the 'system-preferences' API endpoint, an attacker can construct requests to read sensitive files or the application's '.env' file, and even delete files by setting the 'logo_filename' to the path of the target file and invoking the 'remove-logo' API endpoint. This vulnerability is due to the lack of proper sanitization of user-supplied input.
References