16Nis
CVE-2024-1646 | parisneo lollms-webui up to 9.2 Endpoint /restart_program host authentication bypass
A vulnerability was found in parisneo lollms-webui up to 9.2. It has been declared as critical. This vulnerability affects unknown code of the file /restart_program of the component Endpoint. The manipulation of the argument host leads to authentication bypass using alternate channel. This vulnerability was named CVE-2024-1646. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.