PT-2024-38039 · Unknown · Open-Webui
Published: 2024-10-09 · Updated: 2025-07-29
CVE-2024-7037
CVSS v3.1: 7.2 (High)
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
open-webui/open-webui version 0.3.8
Description
The /api/pipelines/upload endpoint is susceptible to arbitrary file write and deletion due to improper sanitization of the file.filename variable when it is concatenated with CACHE_DIR. This allows attackers to overwrite and delete system files, potentially leading to remote code execution.
Recommendations
open-webui/open-webui version 0.3.8: Sanitize the file.filename variable before concatenating it with CACHE_DIR in the /api/pipelines/upload endpoint to prevent arbitrary file write and deletion. As a temporary workaround, consider disabling the /api/pipelines/upload endpoint until a patch is available.
Exploit
Fix
RCE
Path traversal
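The following is an added illustration of the weakness class this advisory describes and of the sanitization the recommendation calls for. It is not open-webui's own code and reproduces nothing from the project: the cache root, the allowlist pattern, and every function name below are assumptions chosen for the example. The unsafe helper shows the two ways an unsanitized upload filename escapes the cache directory (a `..` segment, and an absolute path that makes `os.path.join` drop the directory entirely); the hardened helper rejects anything that is not a plain filename and then verifies, after resolution, that the target still lies inside the cache root.

```python
import os
import re
import tempfile
from pathlib import Path

# Constructed cache root for this example; the project's real CACHE_DIR value
# is not reproduced here (assumption).
CACHE_DIR = Path("/srv/open-webui-example/cache")

# Allowlist for an uploaded pipeline filename: a plain name with no separators,
# no leading dot and a bounded length. Hypothetical policy, not the project's.
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,254}$")


def unsafe_cache_path(filename: str, cache_dir="CACHE_DIR") -> Path:
    """The weak pattern the advisory describes: the client-controlled filename
    is concatenated with the cache directory as-is. A '..' segment walks out of
    the cache, and an absolute filename makes os.path.join discard cache_dir."""
    root = CACHE_DIR if cache_dir == "CACHE_DIR" else Path(cache_dir)
    return Path(os.path.join(str(root), filename))


def escapes_cache_dir(path, cache_dir) -> bool:
    """True when the normalized path is not strictly inside cache_dir.
    Used here to show what the unsafe helper actually produces."""
    normalized = os.path.normpath(str(path))
    root = os.path.normpath(str(cache_dir))
    return not normalized.startswith(root + os.sep)


def safe_cache_path(filename: str, cache_dir="CACHE_DIR") -> Path:
    """Hardened form: reject anything that is not a plain filename, then
    resolve the candidate and confirm its parent is exactly the cache root."""
    if "\x00" in filename or not SAFE_NAME.fullmatch(filename):
        raise ValueError(f"rejected upload filename: {filename!r}")
    root = (CACHE_DIR if cache_dir == "CACHE_DIR" else Path(cache_dir)).resolve()
    candidate = (root / filename).resolve()
    if candidate.parent != root:  # defense in depth: symlinks or odd names
        raise ValueError(f"upload path escapes cache dir: {candidate}")
    return candidate


def is_safe_upload_name(filename: str, cache_dir="CACHE_DIR") -> bool:
    """Boolean wrapper suitable for request validation and for tests."""
    try:
        safe_cache_path(filename, cache_dir)
        return True
    except ValueError:
        return False


def store_and_remove(filename: str, data: bytes, cache_dir) -> bool:
    """Write an upload through the validated path, then delete it the same
    way (the advisory covers both write and deletion). Returns True when
    the file existed after the write and is gone after the unlink."""
    target = safe_cache_path(filename, cache_dir)
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_bytes(data)
    existed = target.exists()
    target.unlink()
    return existed and not target.exists()


def demo() -> dict:
    """Run the checks against a throwaway cache directory."""
    with tempfile.TemporaryDirectory() as tmp:
        cache = Path(tmp) / "cache"
        return {
            "traversal_rejected": not is_safe_upload_name("../../etc/passwd", cache),
            "absolute_rejected": not is_safe_upload_name("/etc/hostname", cache),
            "plain_accepted": is_safe_upload_name("pipeline.py", cache),
            "roundtrip": store_and_remove("pipeline.py", b"print('ok')\n", cache),
        }


if __name__ == "__main__":
    print(demo())
```

The containment check after `resolve()` is kept even though the allowlist already excludes separators and leading dots; it costs nothing and catches cases the regex does not model, such as a cache entry that is itself a symlink. Rejecting the request outright, rather than silently reducing a traversal attempt to its basename, also leaves a clear signal in application logs for detection.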
Weakness Enumeration
Related Identifiers
Affected Products
Open-Webui