Описание
Open WebUI Allows Arbitrary File Write via the /models/upload Endpoint
In open-webui version 0.3.8, the endpoint /models/upload is vulnerable to arbitrary file write due to improper handling of user-supplied filenames. The vulnerability arises from the usage of file_path = f"{UPLOAD_DIR}/{file.filename}" without proper input validation or sanitization. An attacker can exploit this by manipulating the file.filename parameter to include directory traversal sequences, causing the resulting file_path to escape the intended UPLOAD_DIR and potentially overwrite arbitrary files on the system. This can lead to unauthorized modifications of system binaries, configuration files, or sensitive data, potentially enabling remote command execution.
Пакеты
open-webui
<= 0.3.8
Отсутствует
Связанные уязвимости
In open-webui version 0.3.8, the endpoint `/models/upload` is vulnerable to arbitrary file write due to improper handling of user-supplied filenames. The vulnerability arises from the usage of `file_path = f"{UPLOAD_DIR}/{file.filename}"` without proper input validation or sanitization. An attacker can exploit this by manipulating the `file.filename` parameter to include directory traversal sequences, causing the resulting `file_path` to escape the intended `UPLOAD_DIR` and potentially overwrite arbitrary files on the system. This can lead to unauthorized modifications of system binaries, configuration files, or sensitive data, potentially enabling remote command execution.