We use cookies to improve your experience on our site.
AVID-2026-R1623
Description
Arbitrary File Overwrite in h2oai/h2o-3 (CVE-2024-8616)
Details
In h2oai/h2o-3 version 3.46.0, the /99/Models/{name}/json endpoint allows for arbitrary file overwrite on the target server. The vulnerability arises from the exportModelDetails function in ModelsHandler.java, where the user-controllable mexport.dir parameter is used to specify the file path for writing model details. This can lead to overwriting files at arbitrary locations on the host system.
Reason for inclusion in AVID: CVE-2024-8616 describes an arbitrary file overwrite vulnerability in h2oai/h2o-3 via a user-controllable file path in an endpoint used in AI model serving. This concerns AI software stacks and ML pipelines, is in a software component used to build/run general-purpose AI systems, constitutes a security vulnerability (CWE-73, high CVSS), and the report provides explicit details (affected version, endpoint, parameter, exploit path). Therefore suitable for AVID curation.
References
Affected or Relevant Artifacts
- Developer: h2oai
- Deployer: h2oai
- Artifact Details:
| Type | Name |
|---|---|
| System | h2oai/h2o-3 |
Impact
AVID Taxonomy Categorization
- Risk domains: Security
- SEP subcategories: S0100: Software Vulnerability
- Lifecycle stages: L06: Deployment
CVSS
| Version | 3.0 |
| Vector String | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H |
| Base Score | 8.2 |
| Base Severity | 🔴 High |
| Attack Vector | NETWORK |
| Attack Complexity | 🟢 Low |
| Privileges Required | NONE |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | 🟢 Low |
| Availability Impact | 🔴 High |
CWE
| ID | Description |
|---|---|
| CWE-73 | CWE-73 External Control of File Name or Path |
Other information
- Report Type: Advisory
- Credits:
- Date Reported: 2025-03-20
- Version: 0.3.3
- AVID Entry