A critical vulnerability has been identified in the parisneo/lollms-webui application, rated 9.6 out of 10. This flaw allows an unauthenticated attacker to remotely execute arbitrary code on the server by sending a specially crafted request. Successful exploitation could lead to a complete system compromise, resulting in data theft, service disruption, and further unauthorized access to the network.

A Local File Inclusion (LFI) vulnerability exists in the /reinstall_extension endpoint. The name parameter in POST requests to this endpoint is not properly sanitized, allowing an attacker to use path traversal characters (e.g., ../). An attacker can first upload a malicious Python file (e.g., as part of a discussion) and then use this vulnerability to trick the server into navigating to the upload directory and executing the file. The application's extension reinstallation mechanism improperly concatenates the user-supplied name parameter to build a file path, which is then loaded and executed by importlib.machinery.SourceFileLoader. This provides a direct path to unauthenticated Remote Code Execution (RCE) on any server where the application UI is exposed, particularly when bound to all network interfaces (0.0.0.0).

This vulnerability is of critical severity with a CVSS score of 9.6. Exploitation can lead to a complete compromise of the underlying server, granting an attacker the same level of access as the application itself. The potential consequences include theft of sensitive data processed by the application, deployment of ransomware, disruption of business operations, and the use of the compromised server as a beachhead to launch further attacks against the internal network. The lack of required user interaction or authentication makes this an easily exploitable vulnerability for any exposed instance, posing a significant and immediate risk to the organization's security posture and data integrity.

Immediate Action: Update the parisneo/lollms-webui application to the latest patched version immediately. After patching, monitor for any signs of post-exploitation activity and review access logs for any exploitation attempts that may have occurred prior to the update.

Proactive Monitoring:

• Review web server and application logs for POST requests to the /reinstall_extension endpoint.
• Scrutinize requests for path traversal sequences (e.g., ../, ..%2f) within the name parameter of the request body.
• Monitor for any unexpected child processes being spawned by the lollms-webui application process, especially shells (/bin/sh, cmd.exe) or network utilities (curl, wget, nc).
• Monitor for anomalous outbound network connections from the server, which could indicate a reverse shell or data exfiltration.

Compensating Controls: If patching is not immediately possible, implement the following controls:

• Use a Web Application Firewall (WAF) to create a rule that blocks any requests to the /reinstall_extension endpoint containing path traversal characters.
• Restrict network access to the application. Ensure it is not exposed to the public internet and is only accessible from trusted IP addresses.
• If the functionality is not essential, consider disabling the extension reinstallation feature entirely through configuration or reverse proxy rules.

Public Exploit Available: true

Due to the critical severity (CVSS 9.6) and the high likelihood of active exploitation, this vulnerability requires immediate attention. We strongly recommend that all instances of parisneo/lollms-webui are updated to a patched version without delay. Any internet-facing instances should be considered at extreme risk and must be prioritized for remediation. If patching cannot be performed immediately, the instance should be taken offline or isolated from untrusted networks until it can be secured.