2024-04-16 00:00:14
@huntr_ai
PUBLISHED
mintplex-labs/anything-llm is vulnerable to improper input validation, allowing attackers to read and delete arbitrary files on the server. By manipulating the logo_filename parameter in the system-preferences API endpoint, an attacker can construct requests to read sensitive files or the applications .env file, and even delete files by setting the logo_filename to the path of the target file and invoking the remove-logo API endpoint. This vulnerability is due to the lack of proper sanitization of user-supplied input.