Arbitrary File Write Vulnerability in LocalAI by Mudler
CVE-2024-6868
9.8CRITICAL
Summary
An arbitrary file write vulnerability exists in LocalAI version 2.17.1 due to improper handling of automatic archive extraction. When model configurations specify additional files in the form of archives such as .tar, these archives get automatically extracted post-download. This design flaw can be exploited through a 'tarslip' attack, allowing attackers to write files to arbitrary locations on the server. As a result, standard checks that limit file writing to the models directory can be bypassed, potentially leading to remote code execution (RCE) by overwriting critical backend assets utilized by the server.
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published