PT-2024-24093 · Unknown · Stable-Diffusion-Webui

Author: Sylwia Budzynska (+1)
Published: 2024-04-12 · Updated: 2024-04-15
CVE: CVE-2024-31462
CVSS v3.1: 6.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions: stable-diffusion-webui version 1.7.0
Description: A limited file write, exploitable on Windows, in the Backup/Restore tab built by the `create_ui` function in `modules/ui_extensions.py`. The value of the user-supplied `config_save_name` textbox is passed to `save_config_state`, which splices it into a file path and opens that path for writing without validating it. Traversal sequences in the name therefore move the write outside the intended config-states directory. The attacker controls only part of the filename and the content is always the JSON config state, so the primitive is a limited file write: an authenticated web UI user (PR:L) can drop .json files anywhere the web server process has write access.
Recommendations: At the time of writing there is no information about a newer version that contains a fix for this vulnerability. Until a patch is available for stable-diffusion-webui 1.7.0, restrict access to the web UI, and in particular to the Backup/Restore tab and the `save_config_state` function, to trusted users, and do not expose the instance to untrusted networks. If you maintain a local build, validate `config_save_name` before it is used to build a path: reject path separators, `..` and drive or stream characters, and verify that the resolved target stays inside the config-states directory.
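The pattern the description refers to, next to one way to harden it, as an added example written for this page rather than code from the stable-diffusion-webui project: `build_path_unsafe` mirrors the vulnerable shape (the user-supplied name is formatted into a filename under the config-states directory and that path is opened for writing), and `save_config_state_safe` is the hardened form. Apart from the `config_save_name` / `save_config_state` terminology taken from the advisory, the function names, the directory location, the timestamp format and the sample state dict are assumptions made for the demonstration. The Windows-only scope is consistent with Win32 collapsing `..` components lexically before the filesystem is consulted, so a name such as `x\..\..\evil` resolves even though no `<timestamp>_x` directory exists, whereas Linux walks each component and fails on the nonexistent one.

```python
"""Added example for this page; not code from stable-diffusion-webui.

The directory name, the timestamp format and the sample state dict are
assumptions made for the demonstration.
"""
import json
import os
import re
import tempfile
from datetime import datetime

# Allowlist for a config-state name: letters, digits, space, dot, underscore,
# dash; must start with a letter or digit. No '/', '\\', ':' or NUL can pass.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9 ._-]{0,63}$")


def _timestamp() -> str:
    # Assumed format; the real project's format does not matter for the point.
    return datetime.now().strftime("%Y%m%d-%H%M%S")


def build_path_unsafe(config_states_dir: str, name: str) -> str:
    """The vulnerable shape: `name` comes straight from the UI textbox and is
    spliced into the filename with no validation. Everything the attacker
    controls sits after the timestamp and the payload is always JSON, which
    is why this is a *limited* file write rather than an arbitrary one."""
    return os.path.join(config_states_dir, f"{_timestamp()}_{name}.json")


def is_safe_name(name: str) -> bool:
    """Allowlist check. A lexical containment check alone is not enough:
    '\\' is a separator on Windows but an ordinary character on Linux, so a
    check tested only on Linux would wave through 'x\\..\\..\\evil'."""
    return bool(_SAFE_NAME.fullmatch(name)) and ".." not in name


def save_config_state_safe(config_states_dir: str, name: str, state: dict) -> str:
    """Hardened form: validate the name, build the path, then confirm the
    resolved target is still inside config_states_dir before opening it."""
    if not name:
        name = "Config"
    if not is_safe_name(name):
        raise ValueError(f"rejected config state name: {name!r}")
    base = os.path.realpath(config_states_dir)
    target = os.path.realpath(os.path.join(base, f"{_timestamp()}_{name}.json"))
    # Second line of defence: catches any future change to how the filename
    # is assembled that the regex above does not anticipate.
    if os.path.commonpath([base, target]) != base:
        raise ValueError("config state path escapes config_states_dir")
    os.makedirs(base, exist_ok=True)
    with open(target, "w", encoding="utf-8") as f:
        json.dump({"name": name, **state}, f, indent=4, ensure_ascii=False)
    return target


def demo() -> dict:
    """Run both shapes against a traversal payload in a throwaway directory."""
    payload = "x\\..\\..\\evil"  # constructed attacker input for the textbox
    results = {"unsafe_path": build_path_unsafe("/srv/webui/config_states", payload)}
    with tempfile.TemporaryDirectory() as tmp:
        results["safe_path"] = save_config_state_safe(tmp, "my backup", {"extensions": []})
        results["safe_written_inside"] = (
            os.path.dirname(results["safe_path"]) == os.path.realpath(tmp)
        )
        try:
            save_config_state_safe(tmp, payload, {})
            results["traversal_rejected"] = False
        except ValueError:
            results["traversal_rejected"] = True
    return results


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The regex allowlist is the check that actually closes the bug; the `realpath` containment check is kept as a second line of defence. Note that a containment check on its own would accept the backslash payload when the code runs on Linux, which is why the example rejects separators explicitly instead of trusting platform path semantics.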

Exploit

Path traversal

Weakness Enumeration

Related Identifiers: CVE-2024-31462

Affected Products: Stable-Diffusion-Webui