mintplex-labs/anything-llm
cpe:2.3:a:mintplexlabs:anythingllm:*:*:*:*:*:*:*
- < 1.2.2
A path traversal vulnerability has been identified in the 'document uploads manager' feature of Mintplex Labs' Anything-LLM, affecting versions prior to 1.2.2. The vulnerability allows users with the 'manager' role to access and manipulate the 'anythingllm.db' database file. By exploiting the vulnerable endpoint '/api/document/move-files', an attacker can move the database file to a publicly accessible directory, download it, and subsequently delete it. This could result in unauthorized access to sensitive data, privilege escalation, and potential data loss.
Exploitation of this vulnerability allows unauthorized users to access the 'anythingllm.db' database file, which contains all user data, application system settings, and private API keys. This access could lead to privilege escalation to an administrator level by using API keys stored in the database. Additionally, the vulnerability allows for the deletion of the database file, causing data loss and disrupting the functionality of the Anything-LLM application, which relies on this database file for proper operation.
To reproduce this vulnerability, log into the application as a user with 'manager' privileges. Once logged in, update the user's profile to set the 'pfpFilename' (profile picture filename) to 'anythingllm.db'. This action will prompt the application to return the database file as a profile picture. Next, exploit the path traversal vulnerability by sending a POST request to the '/api/document/move-files' endpoint. Include a JSON payload that specifies moving the 'anythingllm.db' file from its original location to the 'assets/pfp/' directory, where profile pictures are stored. After the file has been moved, download it by sending a GET request to the '/api/system/pfp/:userId' endpoint, replacing ':userId' with the ID of the user account. Finally, to delete the 'anythingllm.db' file, send a DELETE request to the '/api/system/remove-pfp' endpoint, which will remove the file from the 'pfp' directory and delete all associated user data and system settings.
Users are advised to update to version 1.2.2 or later, where this vulnerability has been fixed.