Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-24566

Published: 31/01/2024 Updated: 09/02/2024
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

Lobe Chat is a chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. When the application is password-protected (deployed with the `ACCESS_CODE` option), it is possible to access plugins without proper authorization (without password). This vulnerability is patched in 0.122.4.

Vulnerable Product Search on Vulmon Subscribe to Product

lobehub lobe chat

Github Repositories

https://github.com/dastaj/CVEs

CVEs Proof-of-Concept

CVE Findings Repository Introduction Welcome to my CVE Findings repository Here, I document and discuss various Common Vulnerabilities and Exposures (CVEs) that I have discovered My goal is to contribute to the cybersecurity community by providing detailed insights and potential mitigation strategies for these vulnerabilities For each CVE, there is a separate directory conta

References

NVD-CWE-Otherhttps://github.com/lobehub/lobe-chat/security/advisories/GHSA-pf55-fj96-xf37https://github.com/lobehub/lobe-chat/commit/2184167f09ab68e4efa051ee984ea0c4e7c48fbdhttps://nvd.nist.govhttps://github.com/dastaj/CVEs
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710arbitrary CVE-2024-5272CVE-2024-2961brute forceremoteCVE-2024-32944CVE-2024-36241CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook