CVE-2024-52787

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Nov 25, 2024
Updated: Nov 27, 2024
CWE ID 22

Summary

CVE-2024-52787 is a newly disclosed vulnerability affecting the libre-chat software version 0.0.6. This issue lies in the "upload_documents" method, which unfortunately enables path traversal attacks. Malicious actors can exploit this flaw by providing a carefully crafted filename during an upload process, potentially gaining unauthorized access to sensitive data or executing arbitrary code. This vulnerability poses a significant risk and requires immediate attention to apply patches or updates to mitigate it.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share