Description

An unhandled exception in danny-avila/librechat version 3c94ff2 can lead to a server crash. The issue occurs when the fs module throws an exception while handling file uploads. An unauthenticated user can trigger this exception by sending a specially crafted request, causing the server to crash. The vulnerability is fixed in version 0.7.6.

INFO

Published Date :

2025-03-20T10:09:59.233Z

Last Modified :

2025-03-20T18:32:06.181Z

Source :

@huntr_ai
AFFECTED PRODUCTS

The following products are affected by CVE-2024-11169 vulnerability.

Vendors Products
Librechat
  • Librechat
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-11169.

URL Resource
https://github.com/danny-avila/librechat/commit/629be5c0ca2b332178524b4e3f6fac715aea8cc4 cve-icon cve-icon
https://huntr.com/bounties/754e1649-5612-4ba9-a533-06b46de5c4b5 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact