CVE-2024-7959

Name of the Vulnerable Software and Affected Versions open-webui/open-webui version 0.3.8

Description The issue concerns a Server-Side Request Forgery (SSRF) vulnerability. Specifically, the /openai/models endpoint is affected, allowing an attacker to change the OpenAI URL to any URL without checks. This enables the attacker to access internal services and potentially gain command execution by accessing instance secrets.

Recommendations For open-webui/open-webui version 0.3.8, as a temporary workaround, consider restricting access to the /openai/models endpoint until a patch is available. Additionally, restrict the ability to change the OpenAI URL to prevent unauthorized requests.