Vulnerability Detail
Enriched intelligence for a single CVE
Critical
CVE-2024-6396
PUBLISHEDArbitrary File Overwrite and Data Exfiltration in aimhubio/aim
Not yet in CISA KEV
- Vendor
- aimhubio
- Product
- aimhubio/aim
- Published
- Jul 12, 2024
- EPSS
- —
Automate This Intelligence with the Pro API
Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.
Description
A vulnerability in the `_backup_run` function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the `run_hash` and `repo.path` parameters, which can be manipulated to create and write to arbitrary file paths. This can lead to denial of service by overwriting critical system files, loss of private data, and potential remote code execution.
Weaknesses (CWE)
-
Path Traversal: '\..\filename'
CVSS Scores
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitation Status
Exploited in the wild
Recorded 2025-06-26 00:00:00 UTC · The Shadowserver (via CIRCL)
Proof of concept available
Recorded 2026-06-12 14:20:49 UTC · Nuclei Templates
Known Exploited Vulnerability Sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| The Shadowserver (via CIRCL) First | 2025-06-26 00:00 UTC |
Scanner Integrations
| Scanner | Reference | Detected |
|---|---|---|
| Nuclei | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-6396.yaml | Apr 25, 2025 |
Potential Proof of Concepts
These PoCs are unverified and could contain malware. Use at your own risk.
nuclei · Created Unknown
Timeline
-
Proof of Concept Exploit Available
-
Added to KEVIntel
-
Detected by Nuclei
-
CVE Published to Public
-
CVE ID Reserved