AVID-2026-R1598

Description

Remote Code Execution due to Arbitrary File Write in open-webui/open-webui (CVE-2024-7034)

Details

In open-webui version 0.3.8, the endpoint /models/upload is vulnerable to arbitrary file write due to improper handling of user-supplied filenames. The vulnerability arises from the usage of file_path = f"{UPLOAD_DIR}/{file.filename}" without proper input validation or sanitization. An attacker can exploit this by manipulating the file.filename parameter to include directory traversal sequences, causing the resulting file_path to escape the intended UPLOAD_DIR and potentially overwrite arbitrary files on the system. This can lead to unauthorized modifications of system binaries, configuration files, or sensitive data, potentially enabling remote command execution.

Reason for inclusion in AVID: The CVE-2024-7034 report describes a remote code execution via arbitrary file write in the open-webui/upload endpoint due to improper filename handling, enabling path traversal. This is a software vulnerability in a component (open-webui) that is used in AI model hosting/deployment workflows, making it relevant to AI systems and their software supply chains. The issue affects a software package used to build/run AI systems (model UIs, deployment tooling) and demonstrates RCE risk, satisfying the criteria for an AI-related supply chain vulnerability. The reported CVE provides explicit vulnerability behavior, scope, and impact signals, meeting sufficiency criteria.

References

• NVD entry
• https://huntr.com/bounties/711beada-10fe-4567-9278-80a689da8613

Affected or Relevant Artifacts

• Developer: open-webui
• Deployer: open-webui
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2025-03-20
• Version: 0.3.3
• AVID Entry