PT-2021-23110 · Rasa · Rasa

Rasa-Jmac · Published 2021-10-21 · Updated 2021-10-27 · CVE-2021-41127

CVSS v3.1: 7.3 (High)

Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Rasa versions prior to 2.8.10

Description: A vulnerability exists in the functionality that loads a trained model tar.gz file, allowing a malicious actor to craft a model.tar.gz file that can overwrite or replace bot files in the bot directory. This issue enables an attacker to have arbitrary write capability within specific directories using a maliciously crafted archive file.

Recommendations: For versions prior to 2.8.10, update to Rasa 2.8.10 to fix the vulnerability. As a temporary workaround for users unable to update, ensure that users do not upload untrusted model files, and restrict CLI or API endpoint access where a malicious actor could target a deployed Rasa instance.
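The description above is the classic archive path traversal ("tar slip") pattern: a member name such as `../x` or a link entry pointing outside the extraction root is written relative to the destination, so extraction becomes an arbitrary write. The following Python is an added example for defenders, not code from Rasa or from this advisory. It validates every member of a `.tar.gz` before extraction (rejecting absolute names, `..` escapes, links whose target leaves the destination, and device or FIFO entries) and builds a small constructed sample archive to show what the check catches. The `/bot` destination, the member names and the helper names are all assumptions for illustration.

```python
import io
import os
import tarfile
import tempfile


def _within(base: str, target: str) -> bool:
    """True if the normalized target path is inside base (lexical check, no FS access)."""
    base = os.path.normpath(os.path.abspath(base))
    target = os.path.normpath(os.path.abspath(target))
    return os.path.commonpath([base, target]) == base


def unsafe_members(tar_bytes: bytes, dest: str) -> list:
    """Return the names of archive members that would write outside dest.

    Checks, per member: absolute names, '..' escapes of the member path itself,
    symlink/hardlink targets that resolve outside dest, and device/FIFO entries.
    """
    bad = []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:gz") as tar:
        for m in tar.getmembers():
            target = os.path.join(dest, m.name)
            if os.path.isabs(m.name) or not _within(dest, target):
                bad.append(m.name)          # member path escapes dest
                continue
            if m.isdev() or m.isfifo():
                bad.append(m.name)          # special files are never expected in a model
                continue
            if m.issym():
                # symlink targets are relative to the member's own directory
                link = os.path.join(os.path.dirname(target), m.linkname)
                if os.path.isabs(m.linkname) or not _within(dest, link):
                    bad.append(m.name)
            elif m.islnk():
                # hardlink targets are relative to the archive root (dest)
                link = os.path.join(dest, m.linkname)
                if os.path.isabs(m.linkname) or not _within(dest, link):
                    bad.append(m.name)
    return bad


def safe_extract(tar_bytes: bytes, dest: str) -> list:
    """Extract only if every member passed validation; return extracted names."""
    bad = unsafe_members(tar_bytes, dest)
    if bad:
        raise ValueError(f"refusing to extract: unsafe members {bad}")
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:gz") as tar:
        if hasattr(tarfile, "data_filter"):
            tar.extractall(dest, filter="data")   # stdlib filter on Python >= 3.12 / backports
        else:
            tar.extractall(dest)
        return [m.name for m in tar.getmembers()]


def extract_to_tempdir(tar_bytes: bytes) -> list:
    """Convenience wrapper: extract into a fresh temporary directory."""
    return safe_extract(tar_bytes, tempfile.mkdtemp(prefix="model-"))


def build_sample_archive(include_malicious: bool) -> bytes:
    """Constructed sample archive (not a real Rasa model): one benign member,
    plus, if requested, a '..' member and a symlink pointing outside the root."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        entries = [("nlu/model.json", b"{}")]
        if include_malicious:
            entries.append(("../outside.txt", b"overwritten"))
        for name, data in entries:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        if include_malicious:
            link = tarfile.TarInfo("link-out")
            link.type = tarfile.SYMTYPE
            link.linkname = "../../outside"
            tar.addfile(link)
    return buf.getvalue()


if __name__ == "__main__":
    print("clean archive:", unsafe_members(build_sample_archive(False), "/bot"))
    print("malicious archive:", unsafe_members(build_sample_archive(True), "/bot"))
```

The check is purely lexical so it can run before anything touches disk; on Python versions that provide `tarfile.data_filter`, the `filter="data"` argument adds a second, stdlib-enforced layer with the same intent. Rejecting the whole archive on the first bad member, rather than skipping it, is deliberate: a model archive with any traversal entry is not a trustworthy artifact.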

Fix

Relative Path Traversal

Path traversal


Weakness Enumeration

Related Identifiers

CVE-2021-41127
GHSA-4365-FHM5-QCRX
PYSEC-2021-381

Affected Products

Rasa