CVE-2024-10131 Vulnerability Details

  /     /     /  

CVE-2024-10131 Metadata Quick Info

CVE Published: 19/10/2024 | CVE Updated: 22/10/2024 | CVE Year: 2024
Source: @huntr_ai | Vendor: infiniflow | Product: infiniflow/ragflow
Status : PUBLISHED

CVE-2024-10131 Description

The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote code execution (RCE) vulnerability. The function uses user-supplied input `req[\'llm_factory\']` and `req[\'llm_name\']` to dynamically instantiate classes from various model dictionaries. This approach allows an attacker to potentially execute arbitrary code due to the lack of comprehensive input validation or sanitization. An attacker could provide a malicious value for \'llm_factory\' that, when used as an index to these model dictionaries, results in the execution of arbitrary code.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-77
CWE Name: CWE-77 Improper Neutralization of Special Elements used in a Command ( Command Injection )
Source: infiniflow

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2024-10131 Vulnerability Details