CVE-2024-6396
CRITICAL EXPLOITED NUCLEIAim 3.19.3 - Arbitrary File Overwrite via _backup_run Parameters
Title source: manualExploitation Summary
CVE-2024-6396 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
A vulnerability in the `_backup_run` function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the `run_hash` and `repo.path` parameters, which can be manipulated to create and write to arbitrary file paths. This can lead to denial of service by overwriting critical system files, loss of private data, and potential remote code execution.
Nuclei Templates (1)
Aimhubio Aim Server 3.19.3 - Arbitrary File Overwrite
CRITICALVERIFIEDby iamnoooob,rootxharsh,pdresearch
FOFA:
icon_hash="-1047157256"
References (1)
Core 1
Core References
Exploit, Third Party Advisory
https://huntr.com/bounties/c1b17afd-4656-47bb-8310-686a9e1b04a0
Scores
CVSS v3
9.8
EPSS
0.5339
EPSS Percentile
98.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
VulnCheck KEV
2024-09-16
CWE
CWE-29
Status
published
Products (1)
aimstack/aim
3.19.3
Published
Jul 12, 2024
Tracked Since
Feb 18, 2026