CVE-2024-7037

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-7037
In version v0.3.8 of open-webui/open-webui, the endpoint /api/pipelines/upload is vulnerable to arbitrary file write and delete due to unsanitized file.filename concatenation with CACHE_DIR. This vulnerability allows attackers to overwrite and delete system files, potentially leading to remote code execution.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector : AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Exploitability : 1.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://huntr.com/bounties/8508db68-9c99-4b1c-828c-e1bfcacfb847
Configurations

No configuration.

History

10 Oct 2024, 12:51

Type Values Removed Values Added
Summary
  • (es) En la versión v0.3.8 de open-webui/open-webui, el endpoint /api/pipelines/upload es vulnerable a la escritura y eliminación arbitrarias de archivos debido a la concatenación no saneada de file.filename con CACHE_DIR. Esta vulnerabilidad permite a los atacantes sobrescribir y eliminar archivos del sistema, lo que puede provocar la ejecución remota de código.

09 Oct 2024, 20:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-10-09 20:15

Updated : 2024-10-10 12:51

NVD link : CVE-2024-7037

Mitre link : CVE-2024-7037

CVE.ORG link : CVE-2024-7037

JSON object : View

Products Affected

No product.

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024