CVE-2024-10131

The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote code execution (RCE) vulnerability. The function uses user-supplied input `req['llm_factory']` and `req['llm_name']` to dynamically instantiate classes from various model dictionaries. This approach allows an attacker to potentially execute arbitrary code due to the lack of comprehensive input validation or sanitization. An attacker could provide a malicious value for 'llm_factory' that, when used as an index to these model dictionaries, results in the execution of arbitrary code.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://huntr.com/bounties/42ae0b27-e851-4b58-a991-f691a437fbaa	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:infiniflow:ragflow:0.11.0:*:*:*:*:*:*:*

History

15 Oct 2025, 13:15

Type	Values Removed	Values Added
CWE	~~CWE-77~~	CWE-94

Information

Published : 2024-10-19 04:15

Updated : 2025-10-15 13:15

NVD link : CVE-2024-10131

Mitre link : CVE-2024-10131

CVE.ORG link : CVE-2024-10131

JSON object : View

Products Affected

infiniflow

ragflow

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

{"id": "CVE-2024-10131", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "security@huntr.dev", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-10-19T04:15:05.300", "references": [{"url": "https://huntr.com/bounties/42ae0b27-e851-4b58-a991-f691a437fbaa", "tags": ["Exploit", "Third Party Advisory"], "source": "security@huntr.dev"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "security@huntr.dev", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote code execution (RCE) vulnerability. The function uses user-supplied input `req['llm_factory']` and `req['llm_name']` to dynamically instantiate classes from various model dictionaries. This approach allows an attacker to potentially execute arbitrary code due to the lack of comprehensive input validation or sanitization. An attacker could provide a malicious value for 'llm_factory' that, when used as an index to these model dictionaries, results in the execution of arbitrary code."}, {"lang": "es", "value": "La funci\u00f3n `add_llm` en `llm_app.py` en infiniflow/ragflow versi\u00f3n 0.11.0 contiene una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE). La funci\u00f3n utiliza la entrada proporcionada por el usuario `req['llm_factory']` y `req['llm_name']` para instanciar din\u00e1micamente clases de varios diccionarios de modelos. Este enfoque permite a un atacante ejecutar c\u00f3digo arbitrario debido a la falta de una validaci\u00f3n o desinfecci\u00f3n integral de la entrada. Un atacante podr\u00eda proporcionar un valor malicioso para 'llm_factory' que, cuando se utiliza como \u00edndice para estos diccionarios de modelos, da como resultado la ejecuci\u00f3n de c\u00f3digo arbitrario."}], "lastModified": "2025-10-15T13:15:34.100", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:infiniflow:ragflow:0.11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1CFDFA2-0908-48AA-B613-BC2B0FB248BE"}], "operator": "OR"}]}], "sourceIdentifier": "security@huntr.dev"}