
AVID-2026-R1404

Description

Command Injection in mudler/localai (CVE-2024-2029)

Details

A command injection vulnerability exists in the TranscriptEndpoint of mudler/localai, specifically in the audioToWav function that converts uploaded audio files to WAV format before transcription. The user-supplied filename is not sanitized before it is interpolated into a shell command that invokes ffmpeg, so shell metacharacters in the filename let an attacker execute arbitrary commands on the host system. The injected commands run with the privileges of the process executing the code; depending on those privileges, successful exploitation can lead to unauthorized access, data breaches, or other serious impact on the host.
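The pattern the advisory describes, written out as an added Go example (LocalAI is a Go project, but this is illustrative code, not the project's own source): a conversion routine that interpolates the upload name into a string handed to `sh -c`, beside a hardened version that validates the name against an allow-list and passes ffmpeg an argv with no shell in between. The ffmpeg flags, the `/srv/uploads` directory, the `safeNameRe` allow-list and the `attackerName` string are all assumptions constructed for the example.

```go
package main

import (
	"errors"
	"fmt"
	"os/exec"
	"path/filepath"
	"regexp"
)

// Constructed attacker-controlled upload name for the example; it is not a
// string taken from the advisory. After ';' the shell starts a new command.
const attackerName = "clip.m4a; id > /tmp/pwned.txt #"

// vulnerableCommand is the unsafe pattern: the user-supplied name is
// interpolated into one string that will be handed to "sh -c". The shell,
// not ffmpeg, parses that string, so ';', '|', '$(...)' and backticks in
// the name are executed as code.
func vulnerableCommand(src, dst string) string {
	return fmt.Sprintf("ffmpeg -i %s -ar 16000 -ac 1 -c:a pcm_s16le %s", src, dst)
}

// runVulnerable shows how that string reaches a shell. It exists only to
// make the data flow explicit; never run it with untrusted input.
func runVulnerable(src, dst string) *exec.Cmd {
	return exec.Command("sh", "-c", vulnerableCommand(src, dst))
}

// Allow-list (assumed policy): one leading alphanumeric, then a short run of
// [A-Za-z0-9._-]. Requiring a leading alphanumeric also rejects ".", "..",
// and option-looking names such as "-i" that ffmpeg would parse as a flag.
var safeNameRe = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9._-]{0,254}$`)

// safeFilename validates an upload name before it is used in any path or argv.
func safeFilename(name string) (string, error) {
	// A bare name must equal its own base: this rejects "../x" and "a/b".
	if name == "" || filepath.Base(name) != name {
		return "", errors.New("filename must be a bare name with no path separators")
	}
	if !safeNameRe.MatchString(name) {
		return "", fmt.Errorf("filename %q contains disallowed characters", name)
	}
	return name, nil
}

// hardenedArgs builds the ffmpeg argv without a shell. Each element goes to
// execve as a separate argument, so shell metacharacters are inert, and the
// validated name is joined to a server-chosen directory so it can never be
// an absolute or option-like path on its own.
func hardenedArgs(uploadDir, name string) ([]string, error) {
	clean, err := safeFilename(name)
	if err != nil {
		return nil, err
	}
	src := filepath.Join(uploadDir, clean)
	dst := src + ".wav"
	return []string{"ffmpeg", "-nostdin", "-i", src, "-ar", "16000", "-ac", "1", "-c:a", "pcm_s16le", dst}, nil
}

// hardenedCommand wraps hardenedArgs in an exec.Cmd; there is no "sh -c".
func hardenedCommand(uploadDir, name string) (*exec.Cmd, error) {
	args, err := hardenedArgs(uploadDir, name)
	if err != nil {
		return nil, err
	}
	return exec.Command(args[0], args[1:]...), nil
}

func main() {
	fmt.Println("vulnerable shell string:", vulnerableCommand(attackerName, "out.wav"))
	if _, err := hardenedArgs("/srv/uploads", attackerName); err != nil {
		fmt.Println("hardened path rejects it:", err)
	}
	args, _ := hardenedArgs("/srv/uploads", "clip.m4a")
	fmt.Printf("hardened argv: %q\n", args)
}
```

Two points worth keeping in mind when reviewing similar code: avoiding the shell is necessary but not sufficient, because a name beginning with `-` is still parsed by ffmpeg as an option, which is why the allow-list rejects it and the path is prefixed with a server-controlled directory; and the validation has to happen on the name the server will actually use, not on a display copy, or the check and the use can diverge.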

Reason for inclusion in AVID: CVE-2024-2029 describes a command injection in mudler/localai’s TranscriptEndpoint (audioToWav) via unsanitized user-supplied filenames passed to ffmpeg, enabling arbitrary command execution. It is a software vulnerability in an AI tooling component used in AI pipelines, it affects components used to build and run general-purpose AI systems, and it is a security vulnerability with high impact. The CVE entry and its references provide sufficient evidence.

References

Affected or Relevant Artifacts

  • Developer: mudler
  • Deployer: mudler
  • Artifact Details:
    Type: System
    Name: mudler/localai

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CVSS

Version: 3.0
Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score: 9.8
Base Severity: 🔴 Critical
Attack Vector: NETWORK
Attack Complexity: 🟢 Low
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: 🔴 High
Integrity Impact: 🔴 High
Availability Impact: 🔴 High

CWE

ID: CWE-78
Description: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2024-04-10
  • Version: 0.3.3
  • AVID Entry