MEDIUM 6.5

GHSA-crh6-pj8c-xrhc

Open WebUI Allows Arbitrary File Write via the `/models/upload` Endpoint

상세

In open-webui version 0.3.8, the endpoint `/models/upload` is vulnerable to arbitrary file write due to improper handling of user-supplied filenames. The vulnerability arises from the usage of `file_path = f"{UPLOAD_DIR}/{file.filename}"` without proper input validation or sanitization. An attacker can exploit this by manipulating the `file.filename` parameter to include directory traversal sequences, causing the resulting `file_path` to escape the intended `UPLOAD_DIR` and potentially overwrite arbitrary files on the system. This can lead to unauthorized modifications of system binaries, configuration files, or sensitive data, potentially enabling remote command execution.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

PyPI / open-webui

최초 영향 버전: 0

No fixed version published yet for open-webui (pip). Pin to a known-safe version or switch to an alternative.

참고

https://nvd.nist.gov/vuln/detail/CVE-2024-7034 [ADVISORY]
https://github.com/open-webui/open-webui [PACKAGE]
https://huntr.com/bounties/711beada-10fe-4567-9278-80a689da8613 [WEB]