CVE-2024-10131.yaml
info:
  name: ragflow
  cve: CVE-2024-10131
  summary: Remote Code Execution (RCE) vulnerability in RagFlow's `add_llm` function
  details: |
    The `add_llm` function in `llm_app.py` within RagFlow version 0.11.0 contains a remote code execution (RCE) vulnerability.
    It utilizes user-supplied inputs `req['llm_factory']` and `req['llm_name']` to dynamically instantiate classes from
    various model dictionaries without adequate input validation or sanitization, potentially allowing arbitrary code execution.
  cvss: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  severity: CRITICAL
  security_advise: |
    1. Immediately upgrade to RagFlow version 0.11.1 or later.
    2. Review and enhance input validation and sanitization practices in the `add_llm` function.
    3. Monitor for any suspicious activities post-upgrade to ensure the vulnerability is fully mitigated.
rule: version == "0.11.0"
references:
  - https://nvd.nist.gov/vuln/detail/CVE-2024-10131
  - https://huntr.com/bounties/42ae0b27-e851-4b58-a991-f691a437fbaa