CVE-2024-9311

A Cross-Site Request Forgery (CSRF) vulnerability in haotian-liu/llava v1.2.0 (LLaVA-1.6) allows an attacker to upload files with malicious content without authentication or user interaction. The uploaded file is stored in a predictable path, enabling the attacker to execute arbitrary JavaScript code in the context of the victim's browser by visiting the crafted file URL. This can lead to theft of sensitive information, session hijacking, or other actions compromising the security and privacy of the victim.

CVSS v3 6.1 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://huntr.com/bounties/15b18b85-5a6b-43e7-bc65-6b4772871e98	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:hliu:large_language_and_vision_assistant:1.2.0:*:*:*:*:*:*:*

History

07 Apr 2025, 14:54

Type	Values Removed	Values Added
CPE		cpe:2.3:a:hliu:large_language_and_vision_assistant:1.2.0:::::::*
First Time		Hliu Hliu large Language And Vision Assistant
References	~~() https://huntr.com/bounties/15b18b85-5a6b-43e7-bc65-6b4772871e98 -~~	() https://huntr.com/bounties/15b18b85-5a6b-43e7-bc65-6b4772871e98 - Exploit, Third Party Advisory
Summary		(es) Una vulnerabilidad de Cross-Site Request Forgery (CSRF) en haotian-liu/llava v1.2.0 (LLaVA-1.6) permite a un atacante cargar archivos con contenido malicioso sin autenticación ni interacción del usuario. El archivo cargado se almacena en una ruta predecible, lo que permite al atacante ejecutar código JavaScript arbitrario en el navegador de la víctima al visitar la URL del archivo manipulado. Esto puede provocar el robo de información confidencial, el secuestro de sesión u otras acciones que comprometan la seguridad y la privacidad de la víctima.

20 Mar 2025, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-20 10:15

Updated : 2025-04-07 14:54

NVD link : CVE-2024-9311

Mitre link : CVE-2024-9311

CVE.ORG link : CVE-2024-9311

JSON object : View

Products Affected

hliu

large_language_and_vision_assistant

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

{"id": "CVE-2024-9311", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "security@huntr.dev", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2025-03-20T10:15:47.980", "references": [{"url": "https://huntr.com/bounties/15b18b85-5a6b-43e7-bc65-6b4772871e98", "tags": ["Exploit", "Third Party Advisory"], "source": "security@huntr.dev"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security@huntr.dev", "description": [{"lang": "en", "value": "CWE-352"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "A Cross-Site Request Forgery (CSRF) vulnerability in haotian-liu/llava v1.2.0 (LLaVA-1.6) allows an attacker to upload files with malicious content without authentication or user interaction. The uploaded file is stored in a predictable path, enabling the attacker to execute arbitrary JavaScript code in the context of the victim's browser by visiting the crafted file URL. This can lead to theft of sensitive information, session hijacking, or other actions compromising the security and privacy of the victim."}, {"lang": "es", "value": "Una vulnerabilidad de Cross-Site Request Forgery (CSRF) en haotian-liu/llava v1.2.0 (LLaVA-1.6) permite a un atacante cargar archivos con contenido malicioso sin autenticaci\u00f3n ni interacci\u00f3n del usuario. El archivo cargado se almacena en una ruta predecible, lo que permite al atacante ejecutar c\u00f3digo JavaScript arbitrario en el navegador de la v\u00edctima al visitar la URL del archivo manipulado. Esto puede provocar el robo de informaci\u00f3n confidencial, el secuestro de sesi\u00f3n u otras acciones que comprometan la seguridad y la privacidad de la v\u00edctima."}], "lastModified": "2025-04-07T14:54:12.453", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hliu:large_language_and_vision_assistant:1.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16359AF7-BEEE-464E-9B76-3D47F6635EE8"}], "operator": "OR"}]}], "sourceIdentifier": "security@huntr.dev"}