CRITICAL🇵🇱 Wersja polska

CVE-2024-2195

CVSS 9.8v3.0pub. 2024-04-10upd. 2025-07-29

A critical Remote Code Execution (RCE) vulnerability was identified in the aimhubio/aim project, specifically within the `/api/runs/search/run/` endpoint, affecting versions >= 3.0.0. The vulnerability resides in the `run_search_api` function of the `aim/web/api/runs/views.py` file, where improper restriction of user access to the `RunView` object allows for the execution of arbitrary code via the `query` parameter. This issue enables attackers to execute arbitrary commands on the server, potentially leading to full system compromise.

🤖 AI Analysis
How it works

The vulnerability affects the `run_search_api` function in the file `aim/web/api/runs/views.py`. Improper access restriction for the user to the `RunView` object causes the `query` parameter passed over the network to not be properly validated or sanitized. An attacker can place malicious code in this parameter, which will be executed directly on the server. The attack vector is network-based, requires no authentication or user interaction, making this vulnerability particularly dangerous.

Impact

An attacker can execute arbitrary commands on the server hosting the Aim application, which could result in complete system compromise, including data theft, malware installation, or further lateral movement in the network.

Mitigation & patch

Patches available from the vendor should be applied according to references. Additionally, it is recommended to restrict network access to the `/api/runs/search/run/` endpoint using firewall or access control mechanisms until the update is deployed.

Who is affected

Aimstack Aim in versions >= 3.0.0

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Aimstack Aim

    APP
    Aimstack
    ≥ 3.0.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2024-7760CRITICAL9.6PL ✓ten sam produkt

CSRF w Aimstack Aim — łańcuch podatności z RCE i DoS

CVE-2024-6829CRITICAL9.1PL ✓ten sam produkt

Path traversal w Aimstack Aim – zapis plików w dowolnej lokalizacji serwera

CVE-2024-8769CRITICAL9.1PL ✓ten sam produkt

Aimstack Aim: path traversal umożliwiający usunięcie dowolnego pliku

CVE-2024-6396CRITICAL9.8PL ✓ten sam produkt

Nadpisywanie plików i RCE w Aimstack Aim przez funkcję _backup_run

CVE-2025-51463HIGH7.0ten sam produkt

Path Traversal in restore_run_backup() in AIM 3.28.0 allows remote attackers to write arbitrary files to the s...