Arbitrary File Write Vulnerability in Open-Webui by Open-Webui Team
CVE-2024-7033

6.5MEDIUM

Key Information:

Vendor: Open-webui
Status: Open-webui/open-webui
Vendor: CVE Published:; 20 March 2025

Summary

In version 0.3.8 of Open-Webui, an arbitrary file write vulnerability is present in the download_model endpoint. When the application runs on Windows, it mishandles file paths, allowing attackers to craft malicious paths. This could enable them to write files to unintended locations within the server's filesystem. The implications are severe, as this could lead to the overwriting of essential system or application files. As a result, it may trigger denial of service conditions or potentially facilitate remote code execution, where an attacker could execute arbitrary code with the same permissions as the application user, thereby compromising the entire system.

Affected Version(s)

open-webui/open-webui <= unspecified

References

https://huntr.com/bounties/7078261f-8414-4bb7-9d72-a2a4d8...

CVSS V3.0

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 20, 2025
Vulnerability Reserved
Jul 23, 2024