CVE-2024-8898 Overview
CVE-2024-8898 is a path traversal vulnerability in the install and uninstall API endpoints of parisneo/lollms-webui version V12 (Strawberry). Attackers can supply crafted app_name values to create or delete directories at arbitrary locations on the host filesystem. The root cause is missing sanitization of user-supplied input passed to filesystem operations [CWE-22]. Because the endpoints are reachable over the network and require no authentication or user interaction, exploitation is straightforward and impacts confidentiality, integrity, and availability of the underlying system.
Critical Impact
Unauthenticated remote attackers can create or delete arbitrary directories on the lollms-webui host, enabling destructive filesystem manipulation and potential service compromise.
Affected Products
- parisneo lollms-webui version 12 (Strawberry)
- Component: endpoints/lollms_apps.py (apps zoo install/uninstall routes)
- Deployments exposing the lollms-webui API to untrusted networks
Discovery Timeline
- 2025-03-20 - CVE-2024-8898 published to the National Vulnerability Database (NVD)
- 2025-04-01 - Last updated in NVD database
Technical Details for CVE-2024-8898
Vulnerability Analysis
The lollms-webui application exposes two HTTP routes, /install/{app_name} and the corresponding uninstall route, which accept an application name as a path parameter. The handlers concatenate this value into filesystem paths under the user's apps_zoo_repo directory without validating that the resulting path remains inside the intended base directory.
By supplying directory traversal sequences such as ../ in app_name, an attacker breaks out of the intended apps_zoo_repo location. The install handler then creates directories at the attacker-chosen location, while the uninstall handler removes them. This allows arbitrary directory creation or deletion anywhere the lollms-webui process has write permissions.
Root Cause
The handlers trusted the app_name path parameter as a safe identifier and used it directly in path construction. There was no call to a sanitization routine that would reject or normalize traversal sequences. The fix introduces an explicit sanitize_path(app_name) call before the value is used in any filesystem operation.
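To make the root cause concrete, the following is an added example and not lollms-webui code (it is also not the project's sanitize_path, whose exact behaviour the page does not show). It places the unsafe join the handlers performed next to a containment check that resolves the final path and verifies it is still a direct child of apps_zoo_repo. The base directory, the app names and the helper names are constructed for illustration.

```python
# Added example (not lollms-webui code): the unsafe join described above
# next to a containment check. PERSONAL_PATH, the sample app names and the
# function names are constructed for illustration; the project's real
# sanitize_path may behave differently from safe_app_dir below.
import os
import tempfile
from pathlib import Path
from urllib.parse import unquote

# Hypothetical stand-in for lollms_paths.personal_path. No directories are
# created: Path.resolve() works lexically on components that do not exist.
PERSONAL_PATH = Path(tempfile.gettempdir()) / "lollms_demo"


def unsafe_app_dir(personal_path: Path, app_name: str) -> Path:
    """Vulnerable pattern: the path parameter is joined straight into
    apps_zoo_repo with no validation. pathlib honours '..' segments and
    lets an absolute app_name replace the base entirely."""
    return personal_path / "apps_zoo_repo" / app_name


def safe_app_dir(personal_path: Path, app_name: str) -> Path:
    """Hardened variant: reject obviously bad names, then verify that the
    resolved target is a direct child of apps_zoo_repo. The resolve() step
    also handles symlinked intermediate components, which string filtering
    alone would miss."""
    if not app_name or app_name in (".", ".."):
        raise ValueError("empty or dot-only app_name")
    if unquote(app_name) != app_name:
        # The web framework has already URL-decoded the path parameter once;
        # a second layer of encoding is a classic filter-evasion attempt.
        raise ValueError("percent-encoded characters in app_name")
    if "/" in app_name or "\\" in app_name or "\x00" in app_name:
        raise ValueError("path separator or NUL in app_name")
    if os.path.isabs(app_name):
        raise ValueError("absolute path as app_name")
    base = (personal_path / "apps_zoo_repo").resolve()
    target = (base / app_name).resolve()
    if target.parent != base:
        raise ValueError("app_name escapes apps_zoo_repo")
    return target


def unsafe_escapes(app_name: str) -> bool:
    """Report whether the vulnerable join would leave apps_zoo_repo."""
    base = (PERSONAL_PATH / "apps_zoo_repo").resolve()
    return unsafe_app_dir(PERSONAL_PATH, app_name).resolve().parent != base


def classify(app_name: str) -> str:
    """'allowed' or 'rejected: <reason>' for the hardened variant."""
    try:
        safe_app_dir(PERSONAL_PATH, app_name)
        return "allowed"
    except ValueError as exc:
        return f"rejected: {exc}"


# Constructed inputs: one legitimate name plus the traversal shapes the
# advisory lists (raw, URL-encoded, absolute, backslash, bare '..').
# The encoded form only escapes once a server decodes it; it is here to
# exercise the double-encoding check in safe_app_dir.
SAMPLE_APP_NAMES = [
    "my_app",
    "../../etc/cron.d",
    "..%2f..%2fetc",
    "/etc/cron.d",
    "..\\..\\Windows\\Temp",
    "..",
]

if __name__ == "__main__":
    for name in SAMPLE_APP_NAMES:
        print(f"{name!r:26} vulnerable escapes={unsafe_escapes(name)!s:5} "
              f"hardened={classify(name)}")
```

The design point is that the containment check is done on the resolved path after the join, not only on the input string: a string filter is a useful first gate, but the `target.parent != base` comparison is what guarantees the directory the handler creates or deletes lives inside apps_zoo_repo.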
Attack Vector
The attack is network-based against any reachable lollms-webui V12 instance. An attacker sends a POST /install/{app_name} request where app_name contains URL-encoded traversal segments resolving to a sensitive location. The same technique applied to the uninstall endpoint deletes target directories, which can corrupt application data, disrupt service, or remove security-relevant files.
@router.post("/install/{app_name}")
async def install_app(app_name: str, auth: AuthRequest):
check_access(lollmsElfServer, auth.client_id)
+ app_name=sanitize_path(app_name)
+
REPO_DIR = lollmsElfServer.lollms_paths.personal_path/"apps_zoo_repo"
# Create the app directory
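Review bot: the new sanitize_path(app_name) call is a string-level rewrite of the parameter, but nothing in this hunk checks that the path actually used afterwards, REPO_DIR joined with app_name, still resolves inside REPO_DIR; please add a containment check after the join (resolve the joined path and verify its parent is REPO_DIR.resolve(), raising or returning an error otherwise) so that any gap in sanitize_path, such as absolute paths, backslashes or percent-encoded forms, cannot still escape apps_zoo_repo. The excerpt shows only install_app; the uninstall handler the advisory says is equally affected needs the same two lines.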
Source: parisneo/lollms-webui commit 6d07c8a — the patch inserts sanitize_path(app_name) to normalize input and block ../ traversal before any filesystem use.
Detection Methods for CVE-2024-8898
Indicators of Compromise
- HTTP requests to /install/{app_name} or the uninstall endpoint containing .., %2e%2e, ..%2f, or absolute path prefixes in the app_name segment.
- Unexpected directory creation or deletion events outside the apps_zoo_repo path owned by the lollms-webui service account.
- Application logs from endpoints/lollms_apps.py showing install or uninstall operations with unusual app_name values.
Detection Strategies
- Inspect web access logs and WAF telemetry for traversal patterns in URL path segments targeting lollms-webui routes.
- Correlate filesystem audit events (Linux auditd watches, Windows object access auditing) against the lollms-webui process to flag directory operations outside its working tree.
- Alert on spikes in 4xx/5xx responses from the install or uninstall endpoints; a burst of errors from a single source is a common sign of probing, though it can also follow a broken client, so treat it as a triage signal rather than a confirmed compromise.
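The indicators and strategies above can be turned into a small log scanner. The following is an added example and not part of the advisory or of lollms-webui: it parses combined-format access log lines, isolates the app_name segment of the install and uninstall routes, decodes it repeatedly so double-encoded traversal is not missed, and counts findings per source address for the baselining step. The log lines are constructed, and the /uninstall/ path is an assumption, since the page names only the install route explicitly.

```python
# Added example (not part of the advisory or of lollms-webui): scan
# combined-format access log lines for traversal indicators in the
# app_name segment of the install/uninstall routes. SAMPLE_LOG is
# constructed; the /uninstall/ path is an assumption.
import re
from collections import Counter
from urllib.parse import unquote

# Combined/common log format: client, ident, user, time, request line,
# status, bytes. The request line is the raw one the client sent.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+'
)
# Everything after /install/ or /uninstall/ up to the query string is the
# app_name segment as the client sent it.
ROUTE_RE = re.compile(r'^/(?P<route>install|uninstall)/(?P<app>[^?]*)',
                      re.IGNORECASE)


def fully_decode(value: str, max_rounds: int = 3) -> str:
    """Undo percent-encoding until it is stable, so %252e%252e (double
    encoded) is seen as '..' just like the single-encoded form."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_suspicious_app_name(raw_app: str) -> bool:
    """True when the decoded app_name could leave apps_zoo_repo: a bare
    '.'/'..', any slash or backslash (the route expects a single path
    component, so an absolute prefix or '../' both contain one), or NUL."""
    decoded = fully_decode(raw_app).replace("\\", "/")
    if not decoded:
        return False
    if decoded in (".", ".."):
        return True
    return "/" in decoded or "\x00" in decoded


def scan(lines):
    """One finding per log line that hits the app routes with a
    suspicious app_name; other lines are ignored."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        r = ROUTE_RE.match(m["target"])
        if not r or not is_suspicious_app_name(r["app"]):
            continue
        findings.append({
            "ip": m["ip"], "time": m["ts"], "method": m["method"],
            "route": r["route"].lower(), "status": m["status"],
            "raw_app": r["app"], "decoded_app": fully_decode(r["app"]),
        })
    return findings


def probes_per_source(findings):
    """Findings per client address: one source with many hits is the
    probing pattern the detection section describes."""
    return Counter(f["ip"] for f in findings)


# Constructed sample log: one benign install, three encoded traversal
# attempts (single, double and backslash encoded), an unrelated GET, and
# an absolute path as app_name.
SAMPLE_LOG = [
    '203.0.113.7 - - [20/Mar/2025:10:01:02 +0000] "POST /install/my_app HTTP/1.1" 200 17',
    '203.0.113.7 - - [20/Mar/2025:10:01:09 +0000] "POST /install/..%2f..%2f..%2ftmp%2fevil HTTP/1.1" 200 17',
    '198.51.100.4 - - [20/Mar/2025:10:02:11 +0000] "POST /uninstall/%252e%252e%252fconfigs HTTP/1.1" 500 42',
    '198.51.100.4 - - [20/Mar/2025:10:02:30 +0000] "GET /apps_zoo HTTP/1.1" 200 1024',
    '192.0.2.9 - - [20/Mar/2025:10:03:00 +0000] "POST /install/%2fetc%2fcron.d HTTP/1.1" 403 0',
    '203.0.113.7 - - [20/Mar/2025:10:03:41 +0000] "POST /install/..%5c..%5cusers HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    hits = scan(SAMPLE_LOG)
    for h in hits:
        print(f"{h['ip']:14} {h['method']} /{h['route']}/ status={h['status']} "
              f"raw={h['raw_app']!r} decoded={h['decoded_app']!r}")
    print("probes per source:", dict(probes_per_source(hits)))
```

Scan the raw request line rather than a normalised URI: reverse proxies and application servers typically decode and collapse `..` before routing, so a log field that only records the normalised path hides exactly the encoded forms the indicator list calls out.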
Monitoring Recommendations
- Forward lollms-webui application logs and host filesystem audit events to a centralized analytics platform for correlation.
- Baseline normal install and uninstall activity by user and source IP so traversal probes stand out.
- Track outbound network and process activity from the lollms-webui service to detect follow-on actions after directory manipulation.
How to Mitigate CVE-2024-8898
Immediate Actions Required
- Upgrade lollms-webui to a build that includes commit 6d07c8a0dd0a15cc060becc73fda9fe8e788eb23 or later, which adds sanitize_path to the install and uninstall handlers.
- Restrict network exposure of lollms-webui to trusted users only by placing it behind authenticated reverse proxies or VPN access.
- Audit the host for unexpected directories created or removed under and outside apps_zoo_repo since deployment.
Patch Information
The vendor fix is published in the parisneo/lollms-webui repository in commit 6d07c8a. The patch introduces app_name = sanitize_path(app_name) at the top of the affected handlers in endpoints/lollms_apps.py, blocking traversal sequences before they reach filesystem APIs. Additional context is available in the Huntr bounty report.
Workarounds
- Deploy a WAF or reverse-proxy rule that rejects requests to /install/ and uninstall routes when the path parameter contains .., /, \, or URL-encoded equivalents. Match against the raw request URI, not the normalized one: nginx, for example, decodes percent-encoding and collapses ../ in $uri before choosing a location, so a rule that only inspects the normalized path never sees the encoded traversal.
- Run the lollms-webui process under a dedicated low-privilege account with write access limited to its own data directory.
- Disable the install and uninstall endpoints at the proxy layer until the patched version is deployed.
# Example nginx rule blocking traversal in lollms-webui app routes.
# The check sits in the server block rather than inside a location:
# nginx decodes and collapses ".." in $uri before location matching, so a
# request for /install/..%2f..%2fetc would not match ^/(install|uninstall)/
# at all, yet a bare proxy_pass still forwards the raw request URI.
# $request_uri keeps the raw request line; ~* makes the match
# case-insensitive so %2E and %5C are covered. nginx turns "\\\\" inside a
# double-quoted string into "\\", which PCRE reads as a literal backslash.
server {
    # listen, ssl and other server-level directives as in your deployment

    if ($request_uri ~* "^/(install|uninstall)/[^?]*(\.\.|%2e%2e|%2e\.|\.%2e|%2f|%5c|\\\\)") {
        return 400;
    }

    location / {
        proxy_pass http://lollms_upstream;
    }
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.


