CVE-2024-5182

A path traversal vulnerability exists in mudler/localai version 2.14.0, where an attacker can exploit the `model` parameter during the model deletion process to delete arbitrary files. Specifically, by crafting a request with a manipulated `model` parameter, an attacker can traverse the directory structure and target files outside of the intended directory, leading to the deletion of sensitive data. This vulnerability is due to insufficient input validation and sanitization of the `model` parameter.

CVSS v3 9.1 CRITICAL

9.1^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/mudler/localai/commit/1a3dedece06cab1acc3332055d285ac540a47f0e	Patch
https://huntr.com/bounties/f7a87f29-c22a-48e8-9fce-b6d5a273e545	Exploit Issue Tracking Patch

Configurations

Configuration 1 (hide)

cpe:2.3:a:mudler:localai:*:*:*:*:*:*:*:*

History

27 Aug 2024, 17:30

Type	Values Removed	Values Added
References	~~() https://github.com/mudler/localai/commit/1a3dedece06cab1acc3332055d285ac540a47f0e -~~	() https://github.com/mudler/localai/commit/1a3dedece06cab1acc3332055d285ac540a47f0e - Patch
References	~~() https://huntr.com/bounties/f7a87f29-c22a-48e8-9fce-b6d5a273e545 -~~	() https://huntr.com/bounties/f7a87f29-c22a-48e8-9fce-b6d5a273e545 - Exploit, Issue Tracking, Patch
First Time		Mudler Mudler localai
CPE		cpe:2.3:a:mudler:localai::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~7.5~~	v2 : unknown v3 : 9.1

20 Jun 2024, 12:43

Type	Values Removed	Values Added
Summary		(es) Existe una vulnerabilidad de path traversal en mudler/localai versión 2.14.0, donde un atacante puede explotar el parámetro `model` durante el proceso de eliminación del modelo para eliminar archivos arbitrarios. Específicamente, al elaborar una solicitud con un parámetro "modelo" manipulado, un atacante puede atravesar la estructura del directorio y apuntar a archivos fuera del directorio deseado, lo que lleva a la eliminación de datos confidenciales. Esta vulnerabilidad se debe a una validación de entrada y una sanitización insuficientes del parámetro "modelo".

20 Jun 2024, 00:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-20 00:15

Updated : 2024-08-27 17:30

NVD link : CVE-2024-5182

Mitre link : CVE-2024-5182

CVE.ORG link : CVE-2024-5182

JSON object : View

Products Affected

mudler

localai

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

9.1 /10