CVE-2024-6396

CRITICAL EXPLOITED NUCLEI

aimhubio/aim <3.19.3 - RCE

Title source: llm

Description

A vulnerability in the `_backup_run` function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the `run_hash` and `repo.path` parameters, which can be manipulated to create and write to arbitrary file paths. This can lead to denial of service by overwriting critical system files, loss of private data, and potential remote code execution.

Nuclei Templates (1)

Aimhubio Aim Server 3.19.3 - Arbitrary File Overwrite

CRITICALVERIFIEDby iamnoooob,rootxharsh,pdresearch

FOFA: icon_hash="-1047157256"

References (1)

[Exploit, Third Party Advisory] https://huntr.com/bounties/c1b17afd-4656-47bb-8310-686a9e1b04a0

Scores

CVSS v3 9.8

EPSS 0.9038

EPSS Percentile 99.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2024-09-16

CWE

CWE-29

Status published

Products (1)

aimstack/aim 3.19.3

Published Jul 12, 2024

Tracked Since Feb 18, 2026