CVE-2024-1522

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-1522
A Cross-Site Request Forgery (CSRF) vulnerability in the parisneo/lollms-webui project allows remote attackers to execute arbitrary code on a victim's system. The vulnerability stems from the `/execute_code` API endpoint, which does not properly validate requests, enabling an attacker to craft a malicious webpage that, when visited by a victim, submits a form to the victim's local lollms-webui instance to execute arbitrary OS commands. This issue allows attackers to take full control of the victim's system without requiring direct network access to the vulnerable application.
CVSS

No CVSS.

References
Link Resource
https://github.com/parisneo/lollms-webui/commit/0b51063119cfb5e391925d232a4af1de9dc32e2b Patch
https://github.com/parisneo/lollms-webui/commit/0b51063119cfb5e391925d232a4af1de9dc32e2b Patch
https://huntr.com/bounties/687cef92-3432-4d6c-af92-868eccabbb71 Exploit Third Party Advisory Issue Tracking Patch
https://huntr.com/bounties/687cef92-3432-4d6c-af92-868eccabbb71 Exploit Third Party Advisory Issue Tracking Patch
Configurations

Configuration 1 (hide)

cpe:2.3:a:lollms:lollms_web_ui:*:*:*:*:*:*:*:*
History

15 Aug 2025, 20:33

Type Values Removed Values Added
References () https://huntr.com/bounties/687cef92-3432-4d6c-af92-868eccabbb71 - Exploit, Third Party Advisory () https://huntr.com/bounties/687cef92-3432-4d6c-af92-868eccabbb71 - Exploit, Third Party Advisory, Issue Tracking, Patch
CPE cpe:2.3:a:parisneo:lollms-webui:*:*:*:*:*:*:*:* cpe:2.3:a:lollms:lollms_web_ui:*:*:*:*:*:*:*:*
First Time Lollms
Lollms lollms Web Ui

30 Jun 2025, 18:56

Type Values Removed Values Added
References () https://github.com/parisneo/lollms-webui/commit/0b51063119cfb5e391925d232a4af1de9dc32e2b - () https://github.com/parisneo/lollms-webui/commit/0b51063119cfb5e391925d232a4af1de9dc32e2b - Patch
References () https://huntr.com/bounties/687cef92-3432-4d6c-af92-868eccabbb71 - () https://huntr.com/bounties/687cef92-3432-4d6c-af92-868eccabbb71 - Exploit, Third Party Advisory
CPE cpe:2.3:a:parisneo:lollms-webui:*:*:*:*:*:*:*:*
First Time Parisneo lollms-webui
Parisneo

16 Apr 2024, 12:15

Type Values Removed Values Added
Summary The parisneo/lollms-webui does not have CSRF protections. As a result, an attacker is able to execute arbitrary OS commands via the `/execute_code` API endpoint by tricking a user into visiting a specially crafted webpage. A Cross-Site Request Forgery (CSRF) vulnerability in the parisneo/lollms-webui project allows remote attackers to execute arbitrary code on a victim's system. The vulnerability stems from the `/execute_code` API endpoint, which does not properly validate requests, enabling an attacker to craft a malicious webpage that, when visited by a victim, submits a form to the victim's local lollms-webui instance to execute arbitrary OS commands. This issue allows attackers to take full control of the victim's system without requiring direct network access to the vulnerable application.

02 Apr 2024, 19:15

Type Values Removed Values Added
Summary I have activated the CORS because I had a development ui that uses another port number then I forgot to remove it. So what I just did is : - First removed the cors configuration that allows everyone to access it : before: ```python sio = socketio.AsyncServer(async_mode="asgi", cors_allowed_origins="*", ping_timeout=1200, ping_interval=30) # Enable CORS for every one ``` after: ```python cert_file_path = lollms_paths.personal_certificates/"cert.pem" key_file_path = lollms_paths.personal_certificates/"key.pem" if os.path.exists(cert_file_path) and os.path.exists(key_file_path): is_https = True else: is_https = False # Create a Socket.IO server sio = socketio.AsyncServer(async_mode="asgi", cors_allowed_origins=config.allowed_origins+[f"https://localhost:{config['port']}" if is_https else f"http://localhost:{config['port']}"], ping_timeout=1200, ping_interval=30) # Enable CORS for selected origins ``` - Second, I have updated lollms to have two modes (a headless mode and a ui mode). And updated the /execute_code to block if the server is headless or is exposed ```python @router.post("/execute_code") async def execute_code(request: Request): """ Executes Python code and returns the output. :param request: The HTTP request object. :return: A JSON response with the status of the operation. """ if lollmsElfServer.config.headless_server_mode: return {"status":False,"error":"Code execution is blocked when in headless mode for obvious security reasons!"} if lollmsElfServer.config.host=="0.0.0.0": return {"status":False,"error":"Code execution is blocked when the server is exposed outside for very obvipous reasons!"} try: data = (await request.json()) code = data["code"] discussion_id = int(data.get("discussion_id","unknown_discussion")) message_id = int(data.get("message_id","unknown_message")) language = data.get("language","python") if language=="python": ASCIIColors.info("Executing python code:") ASCIIColors.yellow(code) return execute_python(code, discussion_id, message_id) if language=="javascript": ASCIIColors.info("Executing javascript code:") ASCIIColors.yellow(code) return execute_javascript(code, discussion_id, message_id) if language in ["html","html5","svg"]: ASCIIColors.info("Executing javascript code:") ASCIIColors.yellow(code) return execute_html(code, discussion_id, message_id) elif language=="latex": ASCIIColors.info("Executing latex code:") ASCIIColors.yellow(code) return execute_latex(code, discussion_id, message_id) elif language in ["bash","shell","cmd","powershell"]: ASCIIColors.info("Executing shell code:") ASCIIColors.yellow(code) return execute_bash(code, discussion_id, message_id) elif language in ["mermaid"]: ASCIIColors.info("Executing mermaid code:") ASCIIColors.yellow(code) return execute_mermaid(code, discussion_id, message_id) elif language in ["graphviz","dot"]: ASCIIColors.info("Executing graphviz code:") ASCIIColors.yellow(code) return execute_graphviz(code, discussion_id, message_id) return {"status": False, "error": "Unsupported language", "execution_time": 0} except Exception as ex: trace_exception(ex) lollmsElfServer.error(ex) return {"status":False,"error":str(ex)} ``` I also added an optional https mode and looking forward to add a full authentication with cookies and a personal session etc. All updates will be in V 9.1 Again, thanks alot for your work. I will make it harder next time, but if you find more bugs, just be my guest :) The parisneo/lollms-webui does not have CSRF protections. As a result, an attacker is able to execute arbitrary OS commands via the `/execute_code` API endpoint by tricking a user into visiting a specially crafted webpage.

30 Mar 2024, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-03-30 18:15

Updated : 2025-08-15 20:33

NVD link : CVE-2024-1522

Mitre link : CVE-2024-1522

JSON object : View

Products Affected

lollms

  • lollms_web_ui
CWE

No CWE.