MEDIUM 6.5

GHSA-54f4-v6v9-9q82

open-webui allows writing and deleting arbitrary files

Details

In version v0.3.8 of open-webui/open-webui, the endpoint /api/pipelines/upload is vulnerable to arbitrary file write and delete because the client-supplied file.filename is concatenated with CACHE_DIR without sanitization, so a filename containing path separators or `..` components resolves outside the cache directory. This vulnerability allows attackers to overwrite and delete system files, potentially leading to remote code execution.
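The defensive pattern this advisory calls for is to validate the upload name before it is joined to the cache directory, and then to confirm that the resolved path still lies inside that directory. The following is an added example written for this page, not open-webui's own code: the function names, the `UnsafeFilename` exception, the allow-list regex, the cache directory path and the sample filenames are all assumptions constructed for illustration.

```python
"""Safe handling of a client-supplied upload filename before it is joined to
a cache directory. Added example for this advisory; not open-webui's code.
All names, paths and sample inputs below are constructed for illustration."""
import os
import re
import tempfile
from pathlib import Path

# Allow-list for the bare file name: must start with a letter or digit and may
# then contain letters, digits, dot, dash and underscore (max 128 chars).
# This rejects ".", "..", hidden files and anything with a separator or NUL.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$")


class UnsafeFilename(ValueError):
    """Raised when an upload name could escape the cache directory."""


def sanitize_upload_name(filename: str) -> str:
    """Return the name unchanged if it is safe to join to the cache dir, else raise."""
    if not filename or "\x00" in filename:
        raise UnsafeFilename("empty or NUL-containing name")
    # Reject rather than strip: silently taking the basename of "../x" hides abuse.
    if "/" in filename or "\\" in filename:
        raise UnsafeFilename(f"path separators are not allowed: {filename!r}")
    if not _SAFE_NAME.match(filename):
        raise UnsafeFilename(f"rejected upload name: {filename!r}")
    return filename


def is_safe_upload_name(filename: str) -> bool:
    """Boolean convenience wrapper around sanitize_upload_name()."""
    try:
        sanitize_upload_name(filename)
        return True
    except UnsafeFilename:
        return False


def resolve_upload_path(cache_dir: str, filename: str) -> Path:
    """Join a validated name to cache_dir and prove the result stays inside it."""
    name = sanitize_upload_name(filename)
    base = Path(cache_dir).resolve()
    target = (base / name).resolve()
    # Defence in depth: resolve() follows symlinks, so a planted link inside the
    # cache dir that points elsewhere is caught here even though the name passed.
    if target.parent != base:
        raise UnsafeFilename(f"resolved path escapes cache directory: {target}")
    return target


def save_upload(cache_dir: str, filename: str, data: bytes) -> Path:
    """Write an upload without ever overwriting or following an existing entry."""
    target = resolve_upload_path(cache_dir, filename)
    # O_EXCL: fail with FileExistsError instead of clobbering; O_NOFOLLOW: never
    # write through a symlink (flag is absent on some platforms, hence getattr).
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(target, flags, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return target


def remove_upload(cache_dir: str, filename: str) -> None:
    """Delete only a regular file that provably lives in the cache directory."""
    target = resolve_upload_path(cache_dir, filename)
    if not target.is_file():
        raise UnsafeFilename(f"not a regular file in the cache directory: {target}")
    target.unlink()


def self_check() -> dict:
    """Exercise save/remove in a throwaway directory and report what happened."""
    with tempfile.TemporaryDirectory() as cache_dir:
        saved = save_upload(cache_dir, "pipeline.py", b"print('hi')\n")
        first_write_ok = saved.read_bytes() == b"print('hi')\n"
        try:
            save_upload(cache_dir, "pipeline.py", b"overwrite attempt")
            overwrite_blocked = False
        except FileExistsError:
            overwrite_blocked = True
        try:
            save_upload(cache_dir, "../escape.py", b"x")
            traversal_blocked = False
        except UnsafeFilename:
            traversal_blocked = True
        remove_upload(cache_dir, "pipeline.py")
        removed = not saved.exists()
    return {
        "first_write_ok": first_write_ok,
        "overwrite_blocked": overwrite_blocked,
        "traversal_blocked": traversal_blocked,
        "removed": removed,
    }


if __name__ == "__main__":
    print(self_check())
```

Two design choices matter here. The name check rejects instead of normalising, because stripping a traversal sequence down to its basename hides the fact that a client tried one; a rejected request is also the log line a detection rule can key on. The containment check after `resolve()` is kept even though the allow-list already excludes separators, so that a symlink planted inside the cache directory cannot redirect a write or a delete to a file elsewhere on the host.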

Affected packages

PyPI / open-webui
Introduced in: 0

No fixed version published yet for open-webui (pip). Pin to a known-safe version or switch to an alternative.
