CVE-2024-2083

Description

A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The vulnerability arises due to the lack of validation for directory traversal patterns, allowing attackers to access files outside of the restricted directory.

CVSS v3.1 Score

9.9

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Weakness Type (CWE)

CWE-29 CWE-29

Affected Products

Vendor	Product	Versions
zenml	zenml	< 0.55.5

References

Advisories & Patches

https://github.com/zenml-io/zenml/commit/00e934f33a243a554f5f65b80eefd5ea5117367b https://github.com/zenml-io/zenml/commit/00e934f33a243a554f5f65b80eefd5ea5117367b

Exploits

https://huntr.com/bounties/f24b2216-6a4b-42a1-becb-9b47e6cf117f https://huntr.com/bounties/f24b2216-6a4b-42a1-becb-9b47e6cf117f

Frequently Asked Questions

What is CVE-2024-2083? +

A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The vulnerability arises due to the lack of validation for directory traversal patterns, allowing attackers to access files outside of the restricted directory. It has a CVSS v3.1 base score of 9.9 (CRITICAL).

How severe is CVE-2024-2083? +

CVE-2024-2083 has a CVSS v3.1 score of 9.9 out of 10, rated CRITICAL. This is a critical vulnerability that should be patched immediately.

What products are affected by CVE-2024-2083? +

CVE-2024-2083 affects products from zenml, specifically: zenml. Check the affected products table above for specific version ranges.

How do I check if I'm vulnerable to CVE-2024-2083? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2025-50184

DbGate is cross-platform database manager. In versions 6.4.3-premium-beta.5 and below, DbGate is vulnerable to a directory traversal flaw. The file …

CVE-2025-50185

DbGate is cross-platform database manager. In versions 6.6.0 and below, DbGate allows unauthorized file access due to insufficient validation of …

CVE-2024-2358 9.8

A path traversal vulnerability in the '/apply_settings' endpoint of parisneo/lollms-webui allows attackers to execute arbitrary code. The vulnerability arises due …

CVE-2024-2360 9.8

parisneo/lollms-webui is vulnerable to path traversal attacks that can lead to remote code execution due to insufficient sanitization of user-supplied …

CVE-2024-2624 9.8

A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui application, specifically within the `@router.get("/switch_personal_path")` endpoint in `./lollms-webui/lollms_core/lollms/server/endpoints/lollms_user.py`. …

CVE-2024-3429 9.8

A path traversal vulnerability exists in the parisneo/lollms application, specifically within the `sanitize_path_from_endpoint` and `sanitize_path` functions in `lollms_core\lollms\security.py`. This vulnerability …