AnythingLLM 漏洞列表
共找到 3 个与 AnythingLLM 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2024-6842: AnythingLLM - Information Disclosure POC
AnythingLLM suffers from an information disclosure vulnerability through the `/api/setup-complete` API endpoint. By accessing this endpoint, a remote and unauthenticated attacker can access sensitive configuration of the target AnythingLLM instance. This detection is included in the AI and LLM category. -
CVE-2024-6842: AnythingLLM - Information Disclosure POC
AnythingLLM suffers from an information disclosure vulnerability through the `/api/setup-complete` API endpoint. By accessing this endpoint, a remote and unauthenticated attacker can access sensitive configuration of the target AnythingLLM instance. This detection is included in the AI and LLM category. -
AnythingLLM Ollama /api/setup-complete 信息泄露漏洞 无POC
AnythingLLM是一款支持用户通过本地语言模型(LLM)进行个性化训练的工具。在配置使用Ollama时,认证令牌可能通过未认证的/api/setup-complete端点以明文形式暴露给未授权用户,导致敏感信息泄露。