Open WebUI Allows Arbitrary File Write via the `/models/upload` Endpoint

GHSA-crh6-pj8c-xrhc · CVE-2024-7034

Published Mar 20, 2025 · Modified Mar 21, 2025

Description

In open-webui version 0.3.8, the endpoint /models/upload is vulnerable to arbitrary file write due to improper handling of user-supplied filenames. The vulnerability arises from the usage of file_path = f"{UPLOAD_DIR}/{file.filename}" without proper input validation or sanitization. An attacker can exploit this by manipulating the file.filename parameter to include directory traversal sequences, causing the resulting file_path to escape the intended UPLOAD_DIR and potentially overwrite arbitrary files on the system. This can lead to unauthorized modifications of system binaries, configuration files, or sensitive data, potentially enabling remote command execution.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-7034
PACKAGE https://github.com/open-webui/open-webui
WEB https://huntr.com/bounties/711beada-10fe-4567-9278-80a689da8613

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes