Arbitrary File Write Vulnerability in LocalAI by Mudler
CVE-2024-6868
9.8CRITICAL
What is CVE-2024-6868?
An arbitrary file write vulnerability exists in LocalAI version 2.17.1 due to improper handling of automatic archive extraction. When model configurations specify additional files in the form of archives such as .tar, these archives get automatically extracted post-download. This design flaw can be exploited through a 'tarslip' attack, allowing attackers to write files to arbitrary locations on the server. As a result, standard checks that limit file writing to the models directory can be bypassed, potentially leading to remote code execution (RCE) by overwriting critical backend assets utilized by the server.
Affected Version(s)
mudler/localai < 2.18.1
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
CVSS V3.0
Score:
8.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published